Despite awareness of the new Australian privacy laws and fines for non-compliance, many SME business owners are still failing to understand how the law may impact their bottom line, argues Paul Parsons and Nigel Lester.
According to Parsons and Lester, both from Pitney Bowes, ensuring that you are complying with the new privacy principles can impact the bottom line.
“Although many companies are aware of the up to $1.7 million potential fines for non-compliance, many are failing to understand the other threats to profit the laws bring,” Lester, Director, Customer Information Management & Location Intelligence at Pitney Bowes, said. “Organisations need to ask themselves if they are just doing the minimum required to stay compliant without considering the bigger picture.”
Below is a list of four areas of business where you could start to feel the pinch under the new privacy laws.
#1. Increased data administration burden: The introduction of the laws is going to put a huge administrative burden on companies. It is vital to have processes in place to manage that. Compliance with the reforms will rely on a company's ability to cleanse and control data to ensure it is complaint across the whole business. For companies that have data across multiple offices or systems, cleansing and consolidating data will be a big, ongoing task. Once the data is cleansed it must also be regularly updated to ensure compliance.
# 2. Increased customer service resources: The new laws let customers request to see all the data a company holds on them. This will require time and resources to pull together. As customers become more aware of their ability to request information, the burden is only likely to increase. Many businesses use multiple platforms and systems across different departments and have duplicate data on the same customer. Business owners must implement systems and software that cannot only cleanse data to eliminate duplication, but also amalgamate the data in one system that can be accessed by the whole organisation.
#3. Non-compliant partners/contractors:
If your business outsources any data-collection or customer contact, you must ensure that the people you work with have the right processes in place to remain compliant, especially as any overseas businesses that have access to the information will need to be compliant with the laws too. If you work with partners or contractors, it is vital to implement a data-management strategy to ensure your customers’ data remains compliant.
#4. Training costs: Both individuals and the organisations they work for are subject to the new laws, and both can be prosecuted for non-compliance. Privacy data compliance is the responsibility of everyone within the organisation. This means training every member of staff on the changes. Privacy law should become part of the onboarding process. Businesses may need to bring in one person who has overall responsibility for privacy compliance, which means additional headcount and resources. However, this may ultimately save on ongoing costs of training new staff.