A financial penalty of $3,000 was imposed on DataPost, as a data intermediary, for failing to make reasonable security arrangements to prevent the unauthorised disclosure of the personal data of two customers of a bank. DataPost was also directed to review its working procedures relating to data printing and enveloping operations, improve the training of its staff, and review its personal data protection policy.

Click here to find out more.