Some quick answers for Offshore Guidance

October 28, 2008 – 2:00 pm Lindy Siegert

Congratulations! You’ve looked at the Offshore Guidance but you need a quick answer and it’s 29 pages of heavy reading.

Would some quick check tests for those of us with smaller projects help? Here goes:

  1. Will you be signing or “clicking through” a service agreement of some kind? This includes any and all End User Licence Agreements (EULAs) or agreements to Terms & Conditions. Have you checked with your legal advisers? You’d check with them if you were signing a paper-contract on behalf of your agency, wouldn’t you?If you haven’t checked with your legal advisers, please check those licences or terms and conditions for wording like this:

    “You agree to hold harmless and indemnify Intergalactic Suppliers from and against any third party claim arising from or in any way related to your use of the Service, including any liability or expense arising from all …”

    If you find those kinds of words, go talk to your legal advisor about Section 65ZC of the Public Finance Act or Section 163 of the Crown Entities Act or read the page on Big Picture Risks and then talk to your legal advisor.

    And while you’re carefully reading those terms and conditions, you might want to look out for any that claim ownership of any information you might want to post or require you to agree to certain licence arrangements. If there are those kinds of terms, maybe read the section on Security and Integrity Risks and if you have any questions – that’s right, go talk to your legal advisers.

  2. Will you (effectively) be sending personal information offshore or seem to be encouraging or requiring people to send their personal information offshore?Your agency is still responsible for meeting requirements under the Privacy Act 1993 for that personal information including security and providing access to it by the person concerned.You might want to check the information on the Privacy Risks page about your options because you do have options. I intend to cover some personal information scenarios in another post. You probably should find out who is your agency’s Privacy Officer and have a chat.

  3. Is what you are doing creating business records? Or, to put it another way, if the activity was being done here in NZ, would you need to keep that information in your agency’s records management system?If the answer is “yes”, will you be able to meet your agency’s responsibilities under the Public Records Act 2005? If you don’t know, you might want to have a chat with your records management people. And read the section on Security and Integrity Risks before you do.

  4. Is any of the information that might go offshore absolutely essential to the daily responsibilities of your agency? If you lost access to that information would vital services stop? This might become more of an issue in future as more services go online.

  5. Is any of the information classified as “in confidence”, or higher? Are there any other sensitivities around the information? You might want to talk to someone in your agency knowledgeable about responsibilities around classified information.

Next post will have some scenarios about personal information and offshore companies. You may be surprised by the answers.

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google

Technorati Tags: , , , , ,

This entry was written by Lindy Siegert, posted on at 2:00 pm, filed under Guidance and tagged , , , , , . Bookmark the permalink. Follow any comments here with the RSS feed for this post. Post a comment or leave a trackback: Trackback URL.

Post a Comment

Please note that, in adding a comment, you will be taken to have read and agree to In Development's Terms of use.
Be constructive, keep it clean, stay on topic, no spam.

Your email is never published nor shared.