Story image

Six common compliance challenges A/NZ businesses face today

03 Aug 2017

Hitachi Data System has released the findings of a new report prepared by technology law firm, Fieldfisher LLP.

The researchers reviewed data retention obligations in Asia Pacific and the principles that have influenced a rise in common requirements for data capture, storage and management.

New global legislation, such as the Markets in Financial Instruments Directive II ("MiFID2"), Dodd-Frank and, looking ahead to 2018, the General Data Protection Regulation ("GDPR"), further extend the influence and power of regulators, the report claims.

Paul Bruton, business director, data intelligence, Hitachi Data Systems, Asia Pacific says that regulators today have an even more sophisticated understanding of the power of technology in advancing the compliance agenda.

As the report explains, this results in increasing regulatory requirements, for example mandating more and faster reporting, real-time data capture, and strict management of the deluge of data introduced by digital transformation.

“Businesses in A/NZ face a significant challenge with the GDPR changes coming into effect next year, and let’s not forget the far-reaching consequences of Australia’s new data breach laws,” adds Bruton.

“Now is the time to determine the roles and responsibilities in the creation and management of data within the organisation, factor these requirements into an effective data strategy, and turn the compliance conundrum into an opportunity for digital transformation and innovation.”

The paper identifies six key compliance challenges that enterprises and government agencies need to address:

1.    Capture and management 2.    Access and availability 3.    Privacy and security 4.    Integrity and authenticity 5.    Retention and preservation 6.    Disposal and defensibility

The Fieldfisher report also looks at the implications of legal frameworks for Australian and New Zealand enterprises, including the Australian Privacy Principles (“APP”) and the Information Privacy Principles (“IPP”) in New Zealand.

Simon Briskman, partner at Fieldfisher comments, “In comparison with many countries in Asia Pacific, Australia is well advanced in access and disclosure requirements. Australian law in the area has a long evolution.”

“For example, the Australian Corporations Act 2001 lays down extensive obligations for the preparation of financial reports. Regulators such as the Australian Securities and Investments Commission and the Office of the Australian Information Commissioner ensure Australia meets broad international standards on information security, data management, record keeping, disclosure and data quality.”

He says both Australia and New Zealand have legislation allowing electronic communications to be admitted in evidence in court, and there have been significant changes to the privacy laws in both countries.

“Overall, the landscape is one of increasingly sophisticated regulation that requires specific compliance solutions. Technology has become a vital part of those solutions.”

In data retention and record keeping requirements, Australia and New Zealand are in the middle bracket, with the Australia Corporations Act 2001 and the New Zealand Companies Act 1993 requiring records to be kept for at least seven years.

The period of retention varies widely across the Asia Pacific region; in Singapore the minimum is five years, in Hong Kong and India 10 years, and in China records can be required to be retained permanently, depending on the nature of the record.

Research reveals the state of AI in Australian businesses
While Australian organisations are concerned about the impact of AI on society, the research suggests Australian businesses could be doing more to minimise the potential risks.
AWS announces the general availability of AWS Ground Station
Once customers upload satellite commands and data through AWS Ground Station, they can supposedly download large amounts of data over the high-speed AWS Ground Station network.
Citrix to extend Workspace to Google Cloud
“In expanding our partnership with Citrix, we can better help these customers with their transformations by enabling them to access and run the applications their businesses depend on anywhere—simply, flexibly and securely.”
Hybrid cloud security big concern for business leaders
A new study highlights that IT and security professionals have significant concerns around security for hybrid cloud and multi-cloud environments.
“First-of-its-kind” VR training platform launches in Oz
Curiious IQ is enabled for any VR device and can stream live to small groups or up to 50 or more headsets simultaneously.
GitHub launches fund to sponsor open source developers
In addition to GitHub Sponsors, GitHub is launching the GitHub Sponsors, GitHub will match all contributions up to $5,000 during a developer’s first year in GitHub Sponsors.
Check Point announces integration with Microsoft Azure
The integration of Check Point’s advanced policy enforcement capabilities with Microsoft AIP’s file classification and protection features enables enterprises to keep their business data and IP secure, irrespective of how it is shared. 
Why AI will be procurement’s greatest ally
"AI can help identify emerging suppliers, technologies and products in specific categories."