Internal data leakages are almost always the result of human error, either from the person handling the customer data, or those in charge of writing, implementing and enforcing the data handling policies or setting access restrictions to sensitive data on the server, including those who no longer work for the company.
With consumers becoming more aware of their digital footprint, and the value of their privacy, these types of vulnerabilities within an organisation's processes and systems are taken seriously, she said.
"The changes to the Australian privacy laws have helped everyone realise and respect that data is not just data, it's information on human beings," Dennedy said.
"What we are aiming for is privacy by design, where businesses think about what their customers would expect from them and use that as a starting point for building a privacy framework.
"We call this 'privacy engineering' where customer privacy protection practices are embedded into every aspect of the business and at every level of employee, and that means all staff - current and past."