Every organisation is required to comply with the Privacy Act of 1988 – an Australian law which regulates the handling of personal information about individuals. This includes the collection, use, storage and disclosure of personal information, and access to and correction of that information. Some organisations are also required to comply with industry standards, such as the Payment Card Industry (PCI) Data Security Standard (DSS). The consequences of failing to meet compliance requirements can be significant, with big fines and brand damage.
CloudPort works with organisations to help them overcome the real challenges associated with implementing, maintaining and reporting on compliance requirements for the following:
Whilst HIPAA and NERC CIP are US standards and not enforced in Australia, they do define cyber security best practices for their industries, regardless of location. Australian companies sometimes refer to US standards for guidance, as compliance will improve security and often deliver performance improvements and competitive advantages.