Blog Image
Profile Image Verifile
May 19 2014

Australian Privacy Act Changes Smell SOXish

"The Privacy Amendment (Enhancing Privacy Protection) Act 2012 was passed in November 2012 and includes a new set of harmonised privacy principles that regulate the handling of personal information by both Australian businesses and government agencies. Unfortunately, these commendable changes introduce problems that reflect the ambiguity of the Sarbanes-Oxley (SOX) legislation in the U.S. Enacted in 2002, the SOX law enhanced standards for U.S. public company boards, management and public accounting firms that required top management to The Privacy Amendment (Enhancing Privacy Protection) Act 2012 was passed in November 2012 and includes a new set of harmonised privacy principles that regulate the handling of personal information by both Australian businesses and government agencies. Unfortunately, these commendable changes introduce problems that reflect the ambiguity of the Sarbanes-Oxley (SOX) legislation in the U.S. Enacted in 2002, the SOX law enhanced standards for U.S. public company boards, management and public accounting firms that required top management to individually certify the accuracy of financial information, applying much more severe penalties for fraudulent financial activity. While SOX has raised the compliance bar for corporate reporting, it has had the unintended impact of creating a lot of uncertainty due to lack of precision. In fact, SOX compliance costs and complexity have run out of control in the U.S. Australian organisations will face the same dilemma with the new Australian privacy law - they ""must take reasonable steps"" to demonstrate compliance with the new legislation without a clear understanding of exactly what is required. To successfully comply, both public and private sector organisations need to take special note of key changes to the law and act now to prepare for March 2014.
"