 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
Australian Regulatory Compliance Review
Australian Technology and IP Business
Credit Union and Mutual Law
National Consumer Credit Reform
Personal Property Securities Australia
Longview Business Insights
Australian Private Health Insurers
Wills, Trusts, Super
Mutuals Resource Centre
Commonwealth legislation
Corporate Governance
Not-for-Profit links
Regulator Links
I’ve started travelling again and am experiencing the syndrome of the late flights getting later as planes are cancelled or put back because of earlier flights’ engineering problems etc.
So Connie Moore’s post on telepresence (the technology) and her first use of it is an encouraging sign.
Print This Post
The Privacy Commissioner has pointed out recently (see this Information Sheet) that the privacy consent you obtain from a member on signing up or on applying for a loan may not permit you to send unsolicited commercial email messages ("spam") to the member. SMS messages can be spam.
The Spam Act requires that commercial electronic messages, except where designated as "exempt", meet three conditions. They must:
You need to look at the terms of your privacy consent carefully. Does it cover the type of message you are sending?
Does the message identify you? Does it include your ABN and how you can be contacted?
Does it have an unsubscribe mechanism? In the case of SMS messages, does it clearly say how the customer can stop the messages or give an 1800 number to unsubscribe? The mechanism must be functional for at least 30 days after the message was sent and a request to unsubscribe must be actioned within 5 working days.
Print This Post
If your mobile loans officer’s laptop computer is stolen from the back of his car, do you know what information is stored on it?
How do you decide whether to tell members whose information was stored on the computer? What are your procedures for notifying your members that their personal information is at risk and that they might be subject to identity fraud? Who else should you notify (eg police, Privacy Commissioner, your insurer)?
The same questions could be asked in respect of a lost flash drive (memory stick) with your staff’s personal details, a stolen box with out of date credit reports or a CD left in an airport computer.
Whilst there is no mandatory data breach notification law in Australia yet, the Privacy Commissioner has issued a Voluntary Data Breach Notification Guide.
If you don’t yet have a policy on these issues, the Guide contains an excellent framework for decision making and good sample scenarios.
Print This Post
