Protecting data: privacy and security

Every organisation with an online presence needs to be careful about how they manage data that they collect about other people and also mindful of the security of their own data.

In the online world, nearly everything people do is recorded, leaving a ’clickstream’ trail for every user. This data can help you to learn what your customers, supporters and donors find interesting in your online offering. However, it also places an obligation on you to manage that data in a manner that will earn the trust of your customers and comply with Australia’s privacy law.

In addition, you need to take steps to maximize the security of the data held by your organisation, such as the personal data of your customers, supporters and donors, and your organisation’s data.

How well organisations protect client data from privacy breaches can become a point of differentiation between organisations. The overall level of customer and stakeholder confidence in the online activities of an organisation will affect the success of an e-commerce enterprise.

Minimising the risk of a data breach or loss requires action against specific security threats such as software viruses and malware and black hat hackers. It can also require action in the form of broader authentication and data security strategies, including back-up, business continuity planning and disaster recovery planning.

Further information about privacy can be obtained from the Privacy Commissioner’s website and further information about security can be found at the Australian Government’s Stay Smart Online website as well as the CERT Australia website. In addtion, the Internet Industry Association has an ‘ask an expert’ function in their security portal.