IAPP ANZ Summit round up
In November, Simply Privacy attended the IAPP ANZ Summit in Melbourne. Despite the rubbish weather it was a great opportunity to get up to date with what is happening in the world of privacy on both sides of the Tasman, and also to connect with...
OPC Annual report
The Office of the Privacy Commissioner issued its 2024 Annual Report recently – we read it so you don’t have to, and here are our key takeaways relating to its complaints and enforcement functions: Over 1000 complaints were received – a 15% increase on the...
Upcoming Privacy Act amendments
There are a couple of bills before Parliament that will amend the Privacy Act 2020, and may require some action on the part of Privacy Officers to make sure their agency stays compliant. The Privacy Amendment Bill is currently before Parliament, and will introduce a...
Tips for dealing with requests for personal information
One of the trickiest aspects of being a Privacy Officer can be dealing with requests made for access to personal information under Information Privacy Principle 6 (IPP6) of the Privacy Act (or rule 6 of the Health Information Privacy Code for health agencies). This is...
Get AI Governance Professional certified – with a Kiwi flavour!
AI has taken the world by storm – and it’s fair to say the IAPP’s AI Governance Professional certification (AIGP) is doing the same for the world of AI governance. If you want to join the many people gaining this internationally recognised certification, then you...
Simply Privacy’s EU AI Act guidance
If you’re looking to develop or use an AI system in the EU, our EU AI Act guidance will help you understand this significant new law and how it might apply to you and your business. In collaboration with the team at Te Pokapū Auaha...
AI Impact Assessments – your new best friend!
AI Impact Assessments – your new best friend! No doubt you’re already familiar with the value Privacy Impact Assessments (PIAs) contribute to your privacy programme. They’re a key tool for really getting to grips with the key privacy issues in any new data-based project, product...
OPC Guidance on Applying the IPPS to AI
OPC guidance on applying the Information Privacy Principles to AI The Office of the Privacy Commissioner (OPC) has released guidance on how the Information Privacy Principles (IPPs) apply to Artificial Intelligence (AI). This builds on recent guidance setting out the OPC’s expectations around the use of...
Tips for managing CCTV systems
Video recording and CCTV have become ubiquitious in private and public settings. Ninety nine percent of the time video cameras are installed for security or safety reasons - to catch or deter someone from committing offences. It might be protecting retail premises from ram raid...
Data retention and privacy risk
The Office of the Privacy Commissioner has recently highlighted the importance of good data retention practices. The Office released a statement in April 2023, discussing the role of data retention in recent New Zealand data breaches. The statement points to the Latitude Financial Services breach,...
Privacy by Design, by design
As agencies increasingly adopt more agile and ‘by design’ approaches to product and service design, privacy functions must adapt their approaches to engaging with project teams to effectively influence data practices and outcomes. We've developed some guidance to help privacy professionals and their teams put...
Tips for implementing a PIA process
Privacy Impact Assessments (PIAs) are be a valuable tool in the Privacy Officer toolkit - identifying and dealing to privacy risk without stifling innovation or impeding progress. But they can also be a bit of a Pain In (the) Ass, when it comes to introducing...
Whānau Ora Commissioning Agency v MoH – Privacy lessons from the second High Court decision
Following the first court case (you can read our take on it here), and the subsequent failure of the Ministry of Health (MOH) to again release all the requested vaccination data, the Whānau Ora Commissioning Agency (WOCA) took further judicial review proceedings in the High Court....
Whānau Ora Commissioning Agency v MOH – Covid 19, Te Tiriti and cultural perspectives on privacy
The Covid-19 pandemic has brought privacy sharply into focus in many different ways over the past eighteen months. The High Court's recent decision in the judicial review proceedings brought by the Whānau Ora Commissioning Agency (WOCA) against the Ministry of Health (MoH) is one such example....