Home

Some companies that have chosen us

Privacy Officer and Privacy Consultant
CDP Scheme according to ISO/IEC 17024:2012
European Privacy Auditor
ISDP©10003 Certification Scheme according to ISO/IEC 17065:2012
Auditor
According to standard UNI 11697:2017
Lead Auditor ISO/IEC 27001:2022
According to standard ISO/IEC 17024:2012
Data Protection Officer
According to standard ISO/IEC 17024:2012
Anti-Bribery Lead Auditor Expert
According to standard ISO/IEC 17024:2012
ICT Security Manager
According to standard UNI 11506:2017
IT Service Management (ITSM)
According to the ITIL Foundation
Ethical Hacker (CEH)
According to the EC-Council
Network Defender (CND)
According to the EC-Council
Computer Hacking Forensics Investigator (CHFI)
According to the EC-Council
Penetration Testing Professional (CPENT)
According to the EC-Council

Professional qualifications

Stay up-to-date with world news!

Select your topics of interest:

News

Home / News
/
NEW ZEALAND SUPERVISORY AUTHORITY: Privacy Commissioner warns against paper-based contact tracing registers

NEW ZEALAND SUPERVISORY AUTHORITY: Privacy Commissioner warns against paper-based contact tracing registers

The New Zealand Privacy Commissioner is concerned that people are gaining access to personal information from paper-based contact tracing registers and using it in ways that breach peoples’ privacy.

The Government’s introduction of mandatory record keeping requires businesses to display a QR Code and have an alternative record keeping system, enabling them to collect contact tracing records in a privacy-protective way.

Ensuring businesses’ record keeping systems protect peoples’ privacy is a legal requirement under Privacy Act 2020.
Although most organisations and businesses know they need to provide a manual alternative to the QR Code, many are using paper registers that leave peoples’ contact details visible to members of the public.
Using an open sheet or register left in a public-facing position where personal information is visible to others is a leading cause of COVID-19-related privacy breaches. It’s important that businesses provide other methods of collecting and storing contact tracing records, but in ways which also protect the privacy of those whose details are being collected.
The Office of the Privacy Commissioner has published guidance on mandatory record keeping for contact tracing.

Privacy-protective ways of collecting and storing information for contact tracing

  • Set up a ballot box with individual paper slips or cards for people to fill in the name, date, phone number and time.
  • Have an employee manually record visitor details – this ensures that staff maintain control over the records and do not leave contact information visible to others.
  • Consider an electronic system, like a tablet sign-in app, work timesheet or an existing booking system.
  • Use a special purpose work cell phone to receive texts from customers or visitors. Simply post the cell phone number around the entrance to your service or organisation and let customers text you their name. The phone will automatically record the phone number, date and time.

SOURCE: NEW ZEALAND DATA PROTECTION AUTHORITY – OPC

Recommended to you

Advanced Research