If you use spreadsheets to track employee, customer, contractor
or supplier information, you are opening yourself up to error and
possibly breaching your obligations under the Privacy Act 1993,
Privacy Commissioner John Edwards says.
In data breaches involving spreadsheets reported to the Privacy
Commissioner, the numbers of individuals affected per breach has
ranged from dozens to thousands.
The Privacy Commissioner's tips for avoiding breaches
- If you have to maintain a database, think about a purpose-built
database management system, one that only generates the results you
- Don't email spreadsheets around. Instead:
- Export the data you need from the spreadsheet and just send
what you need, or
- Convert the spreadsheet into a PDF document before sending,
- Put only the relevant data directly into a table in the email,
- If you absolutely need to email a spreadsheet to someone, use a
password to protect it and check who you send it to.
While these precautions may seem obvious, it is clear from ACC's
well-publicised Privacy Act breaches, that a small error can turn
into a large privacy problem all too easily.