Under Australia’s Privacy Act, organizations that hold people’s tax file numbers (TFNs) must securely destroy or permanently deidentify those TFNs once they no longer have a legal reason for storing them. This might happen when someone stops being a customer.
Australia’s privacy regulations pay particular attention to TFNs because of the potential for them to be used in fraud and identity theft.
RISKS AND CHALLENGES
Managing these risks can be challenging. In large organizations, TFNs can be stored within vast oceans of data, in many different locations and file formats. This may include scanned handwritten documents such as application forms.
Without powerful technology to find and redact TFNs, the task of compliance can be almost impossible. If not dealt with properly, this sensitive information can be exposed in an instant by an embarrassing and costly data breach.
BIG FOUR BANK
To help proactively manage these risks, one of Australia’s Big Four banks recently deployed Nuix Workstation and the Nuix Data Finder plugin to find and redact TFNs across more than 240 million documents.
Using the unmatched power and speed of the patented Nuix Engine, bank staff quickly scanned the documents and identified those containing TFNs, significantly reducing the bank’s compliance risk profile within a very short timeframe.
PRIVACY DATA IS A GLOBAL ISSUE
Australian banks aren’t the only organizations facing this challenge. Healthcare providers, insurers, professional services firms and government agencies often hold enormous amounts of private and sensitive data. Privacy laws around the world strictly require organizations to only hold private data they need for business purposes and to ensure they remove any personally identifiable information they no longer have use for.
As volumes of data in the world increase at a compound annual growth rate of 23% – doubling every three years – this will become an impossible problem very soon unless organizations invest in the right technology to solve it.