As an advice-led insurer, FMG is encouraging farmers and growers to be aware of their responsibility under the new privacy laws and how being cyber secure can help achieve this.

If you or your business holds the private information of other people or organisations, then from December 1, the bar will be lifted on what you need to do to keep that information safe. This is to prevent a person from experiencing ‘serious harm’ like loss, damage or disadvantage from their information being exposed.

The Privacy Commission has a simple message; if you collect personal information then you need to keep it safe and treat it with care. Serious privacy breaches will also need to be reported to the Commission and to those impacted. Failure to do this could result in a fine of up to $10,000. Details on what keeping the information of others safe means, along with further details of a privacy breach can be found on the Privacy Commission’s website.

While there are many ways privacy breaches can occur, one to be particularly vigilant of at this time of the year are cyber attacks.

CERT NZ, a government agency tasked with improving cyber security awareness, is encouraging businesses to shore up their ecommerce website security with Kiwis heading online to do their Christmas shopping.

Cyber attackers won’t just be looking at online shoppers, but also weakness in businesses as well, including those across the rural sector.

Although a farm might not strike you as one of the more impacted businesses compared to a doctors’ surgery or a law firm holding on to personal information, farming businesses aren't exempt. In fact, like most businesses, farmers are holding onto more information than ever before, says FMG’s Manager Advice Services, Stephen Cantwell.

“Farmers typically hold on to employee information such as bank account details, medical records, criminal record checks, or migration information. All of these could be used to cause serious harm to affected people and may need to be reported to the Commission if there’s a privacy breach resulting from a cyber attack.

“If you’re holding the information of others, now is a good time to check you’re cyber secure. Getting you and your staff up to speed or carrying out a refresher on cyber security awareness for your business is key, and it doesn’t need to be complex.

“Simple considerations such as strong passwords and not using this on multiple sites is one example. Implementing two-factor authentication to strengthen logging into your systems is another,” says Mr Cantwell.

We have more cyber security advice and support on our website: or you can visit For information on the Privacy Act 2020 visit



Claire Broun, External Communications Specialist

Mobile: 027 302 5057