ANZ e-statement update (11 January 2012)

Statement from Australian Privacy Commissioner, Timothy Pilgrim

“ANZ are continuing to keep me informed about their progress in investigating and resolving this matter. I am pleased to see that they promptly sought to notify affected customers and put in place steps to reduce any potential impacts on those customers.  All organisations are encouraged to let us know if an incident like this occurs so that we can work with them to help them improve their practices.

In 2011 we saw an increased  number of companies affected by data breaches, some caused by malicious cyber-attacks others by human error. Incidents like these can have a significant impact on the trust consumers have in companies who appear not to have the appropriate level of protection in place for the personal information they hold.

Organisations should think very carefully about how their systems will impact on the privacy of their customers.  They can do this by undertaking privacy impact assessments when considering implementing  new systems or undertaking system upgrades. Privacy considerations should be built in early in the design of new systems and not left as an afterthought at the end of the process as this can often lead to substandard protections being in place.”