Sometimes it seems a good idea to use real production data in a test environment. But doing so means security becomes even more important if you want to stop things going wrong.
Organisations sometimes get it wrong when they respond to a person’s request for their personal information. Information is sometimes lost, displaced or accidentally deleted. A recent privacy case dealt with by the Human Rights Review Tribunal considers when an organisation can call it quits when it comes to searching for personal information in responding to an access request.