From the ACMA: The Australian Communications and Media Authority (ACMA) has formally warned AAPT Limited (AAPT) regarding its to protect the privacy of its customers’ personal information as required by the Telecommunications Consumer Protections Code (TCP Code).
The ACMA initiated an investigation into AAPT following media reports that some of AAPT’s customer data had been stolen. The ACMA found that AAPT had failed to protect the personal information of some of its small business customers whose billing and related personal information it had collected. The personal information was stored in a server offsite, managed by a third party, and was the subject of a hacking incident.
ACMA Chairman Chris Chapman made the following remarks:
“Consumers need to have confidence that the personal information they give their provider is treated appropriately, and is only accessed by those authorised … They also want to know that their details are stored securely with appropriate access restrictions.”
AAPT took steps after the incident to improve their protection of customer data, and has promoted greater staff awareness of privacy policies and the TCP Code. In the context of those steps, the ACMA considered a warning to be sufficient.
Read the full story from the ACMA here.
You can find more information about the TCP Code from Nicholls Legal here and here. A full copy of the code is available here.