Requirements about storing information and keeping it secure
Storage and security of information
A government agency, business or other organisation that holds information about you must make sure that reasonable security safeguards are in place to protect the information against:
- being lost
- being accessed, used, changed or released without the organisation’s permission
- being misused in any other way.
If the organisation needs to give the information to a contractor or someone else who provides a service to the organisation, the organisation must also make sure everything reasonable is done to prevent the information being used or disclosed without authorisation.
The steps that an organisation will need to take to keep your information secure will usually depend on the type of information. For example, an organisation will usually need to protect its databases with anti-virus software, and protect its physical premises from burglary or theft by having a monitored alarm.