Scoop has an Ethical Paywall
Licence needed for work use Learn More

Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search

 

Qrious Awarded ISO Privacy Certification In Anticipation Of Privacy Act Changes In December

This week Qrious was awarded the international gold standard for privacy information management, ISO 27701 certification.

This new certification was only recently created and builds on the information security standard, IS0 27001, achieved by Qrious last year. Where 27001 focused on security, ISO 27701 focuses on data privacy and is designed to ensure organisations have the robust processes and systems in place to manage and protect personal data.

According to Nathalie Morris, Qrious CEO, privacy concerns have never been more urgent: “New Zealand organisations are at risk of being hit by the perfect data privacy storm. 2020 has seen an explosion in the use of digital platforms with approximately six years of digital transformation in the past six months. That means that Kiwi companies are collecting, storing and using more personally identifiable information than ever before - at the exact same time that the risk and sophistication of privacy breaches has never been greater.

“The Privacy Act comes into effect on 1 December and will shift the onus from the consumer onto any company handling private information. Organisations will need to be able to provide proof of privacy protections; early intervention and risk management plans; and be required to provide significantly more information and control to the consumer, including where data will be processed, and for what purpose. What were fines for non-compliance, will now carry criminal liability in some cases and mandatory breach notifications. Put simply, the stakes have never been higher,” she says.

Advertisement - scroll to continue reading

Qrious was able to quickly complete the rigorous process for ISO data privacy accreditation and secured certification soon after it was released. According to Stephen Ponsford, Qrious CTO, this is reflective of the quality of the privacy policies and procedures Qrious already had in place and further proof that, as New Zealand’s market-leading data, analytics, AI and data-powered marketing business, Qrious’ number one priority is to keep clients’ customer data safe and secure.

“Trust and verification of that trust is incredibly important to us. We want our clients to trust Qrious to protect their customer data - and with ISO certification they know that trust is well-placed because external, independent auditors have rigorously assessed us against international best practice,” he says.

According to Ponsford, because data security and privacy are intrinsically linked, ISO certification in both confirms Qrious’ position as industry leaders in this space. As such, Qrious wants to encourage the broader New Zealand data industry to aspire to the same level of data security and privacy maturity that Qrious has attained - with a focus on best practice, as opposed to mere compliance.

The good news for the industry, Ponsford says, is that Qrious is committed to using its learnings from the ISO process to assist other companies: ”It’s important to acknowledge that the perfect system doesn’t exist, but we can support clients to do everything in their power to avoid issues, stop breaches and should they happen, to manage those to the international gold standard. We know what best practice looks like, we understand the new rules and legislation and can assist our clients to comply. Qrious is here to help.”

© Scoop Media

Advertisement - scroll to continue reading
 
 
 
Business Headlines | Sci-Tech Headlines

 
 
 
 
 
 
 
 
 
 
 
 
 

Join Our Free Newsletter

Subscribe to Scoop’s 'The Catch Up' our free weekly newsletter sent to your inbox every Monday with stories from across our network.