At NADA, your data privacy and security are always a priority. To continue providing our members with a secure, transparent and positive experience, we want to make you aware of some changes to our policies and processes concerning data.
We’ve updated our ICT Policy to include information on the new cloud infrastructure, including security and the introduction of the Privacy Amendment (Notifiable Data Breaches) Act 2017.
We’ve updated information in the ‘NADAbase user agreement’ of the responsibilities of NADA and the user in collecting client information.
We’ve deployed the NADAbase administrator functionality allowing members to better manage user logins and access to client data.
We’ve updated our ‘Privacy and confidentiality policy’ to include the Privacy Amendment (Notifiable Data Breaches) Act 2017.
We’ve developed a data management plan outlining the data governance in place.
A Cisco router/firewall is in place and covers all premise systems, devices, software and business processes that prevent unauthorized parties gaining access to confidential information.
NADA’s cloud server infrastructure hosted on Azure is also protected by Azure firewall policies.
NADA’s ICT consultant, Conosco is responsible for project managing all elements of security regarding the IT network with all advice, installation and testing to be carried out by the consultant. The contract includes the provision of a 6-monthly IT audit outlining the status of all security and anti-virus software to ensure validity and safety of NADA hardware, software and IT infrastructure. It also outlines the consultant’s requirement in adhering to the Privacy Act 1988, including the thirteen Australian Privacy Principles (APPs) and the Privacy Amendment (Notifiable Data Breaches) Act 2017.
For further information on NADA’s privacy and data protection policies please contact Suzie or Cass.