The Association of Market and Social Research Organisations (AMSRO) has launched new data privacy initiatives for its members at its annual Leaders Forum 2019, a practice approach for the responsible use of customer data in research and analytics.
“All companies that collect and use personal data face ever increasing risks associated with the appropriate handling of that data, as evidenced by the recent Google GDPR breach and last year’s Cambridge Analytica scandal,” AMSRO President, Craig Young, said.
Young said it is incumbent on AMSRO as the peak industry body for the research and data collection industry to support its members with up-to-date knowledge and advice on how to manage data privacy and data compliance issues.
“This ensures member organisations are not only aware of their obligations but continue to have a sufficient level of knowledge on how best to comply with legislation, uphold the highest standards and mitigate risk for both the public and clients.”
AMSRO maintains Australia’s first and only industry privacy code, under which all AMSRO members operate. AMSRO has now launched a series of best practice privacy training modules on its website for members. These modules provide guidance on complying with Australian Privacy Principles (APP) and the privacy code.
Produced in conjunction with CIE Legal there are five modules in total outlining how to handle privacy breaches (under Australia’s Notifiable Data Breach Scheme), adhering to the APPs and tips for privacy compliance. AMSRO will also be releasing the privacy modules on YouTube.
In addition, AMSRO has launched its Information and Data Security Compliance System (IDSCS), designed to be a standalone system but also to introduce and support member organisations with phase one of the ISO 27001 quality assurance audit process.
The new system is exclusive to AMSRO member organisations and is offered in association with Best Practice Certification. Member companies undertaking the IDSCS process will save approximately 30 per cent on accredited certification costs and be independently audited on an annual basis.
The benefits of AMSRO’s IDSCS system include an industry security risk management system that identifies information and data security risks and develops a system to help manage those risks.
It addresses four primary categories: communications, operations, people and IT assets, and prepares a company where it desires or requires accredited ISO 27001 certification, as the AMSRO compliance system aligns 80 per cent of the full audit requirement.
Both initiatives continue AMSRO’s strong track record in ensuring its member companies adhere to the highest ethical standards, particularly in regards to privacy. It also guarantees companies that their data is protected.
“As a $1 billion industry, research, data collection and insights is an important service that benefits all Australians. From political polls and television ratings, to surveys of customer satisfaction and the development of products and services, to studies on public health in Australia, research provides valuable information about the society in which we live,” AMSRO Executive Director, Sarah Campbell, said.
Campbell said this information helps government, commercial and not-for-profit organisations make informed decisions based upon the interests and needs of their constituents, clients and the general public.
“It is therefore important that AMSRO members lead the field in privacy compliance and protecting both the industry and the millions of Australians who engage in market and social research. This has been demonstrated by the fact that our member organisations have a 15-year record without a single finding of a privacy breach. These new initiatives continue our commitment to ensuring industry best practice.”
Personal information for market and social research (conducted by AMSRO member organisations) is collected only with consent and under strict codes and practices.
This includes the registered privacy code and an industry Trust Mark – a seal of endorsement that assures business and government organisations they are buying research that is quality-tested and meets not only ethical standards but also goes over and above minimal privacy legislation.
These new initiatives complement AMSRO’s ‘Phish of the Day’ digital platform, which highlights fake or illegitimate research activities to the public.