Proposed Privacy Laws and What This Means for Your Data

The Australian Privacy Act (1988) was recently reviewed, and in February, a report proposing changes to reform Australian privacy law was publicly released. In 2018, the EU completed a similar reform, resulting in the General Data Protection Regulation (GDPR).

Erasure of data

The impact of this legislation means that an individual may seek to exercise the right to erasure of any of their personal information from specific databases. One question this raises is whether we must erase personal data from our backup systems. This would be extremely costly and time-consuming for many organisations, especially for archived data that may be stored on media such as LTO tape.

If the changes are like the GDPR, then we can expect that the right to erasure will only apply to production data and will not apply to backups. However, this has implications for backup data when it needs to be restored to your active production environment!

One popular solution used to comply with the GDPR laws was to implement Veeam as their data protection platform. Veeam solves the right-to-erasure requirement by offering the ability to complete a staged restore of backup data into production. This works by restoring into a ‘sandbox’ environment where the personal data can then be identified and removed before restoring to your active production environment.

TIMG is a trusted provider of Veeam in Australia, and our experienced team can assist you with ensuring you remain compliant with backup requirements.

Another challenge that the right to erasure raises is the ability to quickly identify personal information within large data sets.

TIMG’s eDiscovery team specialise in :

• Processing large volumes of electronic data such as emails, text messages and digital images to find relevant information fast;
• Managing and handling complex types of data; and
• Transforming unstructured data into a reviewable format.

Our experts can assist you in accelerating your eDiscovery process by utilising powerful search capabilities, not only when it comes to your legal document review or preparing for trials but also by ensuring that personal data is identifiable should the need for erasure be required.

What about information stored in documents and physical archives? TIMG can offer digitisation services to convert your physical documents into digital data that is then easily searchable.

If you would like to get ahead of the upcoming changes and learn more about how we can assist you in improving your backup compliance and search capabilities, contact TIMG to speak with one of our experts.

Reference: www.ag.gov.au/integrity/consultations/review-privacy-act-1988