Castlepoint Systems

With new privacy laws coming into effect in New Zealand from 1 May 2026, organisations are being asked to be clearer about what personal information they collect and why. It’s a positive step for protecting citizens, but it also brings things back to a more fundamental question: What information do we actually have, and where is it stored? Without that clarity, it’s hard to properly protect what’s being stored, or put the right controls in place. And for a lot of teams, it’s just not an easy question to answer. Information spreads out across systems, gets duplicated, and builds up over time. Once you have a clearer view of that sprawl, it becomes much easier to understand how personal data is being used, what’s being shared, and how long it should (and can) be held. This is where we’re seeing more organisations focus their efforts. Getting visibility across their information, and putting governance in place that works with how their teams actually operate. If this is something you’re starting to look at, we are happy to share how others are approaching it. See how via the link in the comments below! 

The Office of the Australian Information Commissioner (OAIC) has highlighted a gap in how government agencies are reporting on automated decision-making. It’s not so much a question of whether these systems are being used, but whether they’re being explained in a way that is clear and meaningful. While agencies are required to publish this information, only a small number are doing so in a way that genuinely shows how decisions are being made. That’s where the issue starts to surface. This isn’t just about disclosing that AI is being used, it’s about understanding how decisions are reached, what information informed them, and whether that process can be stood behind if questioned. As these systems become more embedded across government and enterprise, expectations are shifting. Transparency is no longer just about disclosure; it’s about accountability and being able to justify decisions.

Years of storing everything “just in case” has created environments where:  ➡️ no one is fully across what exists  ➡️ duplication is everywhere   ➡️ sensitive personal information sits idle much longer than it should  With evolving regulatory requirements and privacy changes, this is a status quo that organisations can no longer maintain or justify. With mountains of data, and privacy breaches around every corner, organisations must keep only the personal information they still require, and be able to justify why they’re keeping it. If you’re not sure where to start, we’ve pulled together a simple checklist to help teams sense-check their current state. Download the data minimisation checklist today: https://lnkd.in/e7VQEGxk

Castlepoint CEO, Rachael Greaves, is attending The GovTech Summit 2026 in London on 16 April. It’s one of those forums where government, tech and industry actually sit down and talk about what’s working and what’s not when it comes to digital transformation, AI and public service delivery.  We’re looking forward to being part of the broader conversation. Supporting industry, sharing ideas, and staying close to where innovation, governance and security are heading next. If you’re there, it would be great to connect.

As of next week, 1 April 2026, Microsoft is retiring legacy information management and SharePoint records management features. But what does that actually mean, and what should you be doing right now, before your support runs out in April?   Read more: https://lnkd.in/eckg4Nkt    It doesn’t have to mean starting again, migrating, or changing how your teams work. But it does mean rapidly grappling with risks and impacts. The cost of migration to Purview rules management can be up to a $250,000 for a mid-size organisation, so it’s essential to stop and assess your options, before committing to that path.   If you’re relying on any of these Microsoft features, now’s the time to take a closer look. Our article explains the types of costs to plan for, and what other options you have to reduce (or completely eliminate) the pain.