Data Protection & Privacy
Using Shakes lets you capture personal and business information to work with your clients.
This information is stored securely in a number of ways. 2Shakes places the protection of data and the privacy of information as a top priority in the design and operation of our solution. We adhere to the principal of Privacy by Design – which means that Privacy and protection of data were designed into our solution from the beginning rather than added on at the end. 2Shakes was developed to meet the Australian and New Zealand Government’s strict requirements for Privacy and Security.
Privacy Designed and Verified
Privacy By Design
2Shakes started on a Government accelerator programme. We place the protection of data and the privacy of information as a top priority through the design and in the operation of our solution. We adhere to the principal of Privacy by Design - which means that Privacy and the protection of data were designed into our solution from the start.
Privacy Act
2Shakes is designed to ensure your covered if you need to comply with Privacy law (i.e. with a turnover above 3 million, or are under AML, or who handle TFN information for individuals). 2Shakes tells clients what happens to the data they provide and what our privacy policy is. Our secure systems and access controls ensures information can only be used by staff who are authorised to do so.
Electronic Signatures and Proof of Identity
2Shakes electronic signatures were assess by the law firm Chapman Tripp to ensure compliance with contract and commercial law. Accepted by a range of respected organisations and government agencies. Furthermore you can combine electronic signing to a biometric identity verification system, ensuring a robust connection to the person signing to a verified identity document like a passport or driver license.
Microsoft Azure
All information is securely protected on Microsoft’s world-class Azure cloud platform. We have resilient geo-redundancy across two datacentres in Australia, maintaining data sovereignty since the information is in a 5-eyes country outside the US Patriot Act.
Privacy Assessment
2Shakes has successfully been through a in-depth privacy impact assessment undertaken by NZ largest state health insurer, the Accident Compensation Corporation.
Cloud Computing Audit
2Shakes has completed NZ Department of Internal Affairs 105 questionnaire on secure cloud computing for government. This again provides an independent confirmation that we are storing client information safely and securely online.
What you can do to improve security
You should ensure you have robust, up-to-date firewalls and anti-virus software installed on your computers. Keep on top of deleting and destroying old client files, purging folders regularly will minimise build-up. In general sensitive data shouldn’t be kept for longer than necessary.
2Shakes provides technology you can use to improve the security and privacy of client data:
2 Factor Authentication: 2Shakes requires users to set up 2 Factor Authentication (2FA). Using 2FA dramatically increases your security and reduces the risk that someone could log on to 2Shakes with your user name and password.
Identity Verification: 2Shakes will allow you to confirm the identity of your clients. Identity verification (IDV) dramatically increases assurance that the person signing is who they claim to be. We will allow you to verify them Biometrically using their mobile phone. Biometric IDV captures the ID Document and the person’s live image, checks they match, then validates the data against the ID issuer and other trusted sources. Alternatively, you can sight the original document when you meet your client face to face. If you take a photocopy or scan of an identity document we allow for you to upload it to 2Shakes so that the credentials are stored securely in the cloud, rather that having ID copies lying around the office!
If you are unsure of any part of the process, or need further information, email support@2shakes.com.au.