Arinex warns against non-compliance for new data laws

Data management and compliance is one of the biggest challenges facing the events industry, leading events and conference management company Arinex has warned.

Arinex has urged clients to engage professional conference organisers (PCOs) that are fully compliant with upcoming legislative changes, including Europe’s General Data Protection Regulations (GDPR) and Australia’s Notifiable Data Breaches (NDB). Significant financial penalties apply under the European GDPR, which applies to Australian companies who hold European citizens’ personal data, while Australian privacy laws have been updated and now require self reporting. 

GDPR laws, which take effect on 25 May, were cited as a leading challenge for the events industry at a recent meeting for INCON – a global network of professional conference organisers – in Kyoto earlier this month.

It comes as Arinex finishes a full audit of its systems, to ensure that the storage and distribution of personal information is in line with worldwide regulations. Arinex CEO Tamara Kavalec, who attended the INCON meeting, said GDPR compliance was not contained to those operating out of the European Union.

“GDPR applies to any organisation handling information on European Union residents – be it clients whose headquarters are in Europe, or who have delegates that live there. It is critical their systems are compliant, which is why it is so important to engage a PCO that has the appropriate policies and insurances in place to ensure both parties are adequately protected,” she said.

“We have seen these new regulations as an opportunity to reassess our practices when it comes to retrieving, storing and sharing personal information. Our audit has helped us assess things such as; which staff have access to which documents, making sure all confidential information is being properly protected, and putting procedures in place to make sure protocol is followed if a data breach was to occur.”

Australia’s NDB scheme, which came into effect this week, forces all companies to report data breaches within 30 days after they take place.

Arinex Technology Manager Prem Bhawnani said as a means of protecting clients in the first place, added security measures had been put in place on all clients’ event websites.

“Websites are the most at-risk technology and for that reason we have increased the level of security there. As well as standard firewalls and passwords we also use IP restrictions, which stop people from logging in and making changes unless they come from a registered IP address,” he said.

“The fine for non-compliance with any of these new legislations is huge, in some cases into the millions of dollars. Quite simply, clients cannot afford to ignore it.”

For more information contact:

Emma Channon
Arinex Communications Manager
Phone: +61 (2) 9265 0805


About Arinex

Arinex is a leading Australian event and conference management company. With over 40 years of experience, Arinex diligently advises clients while strategically creating and managing their conferences, meetings, incentives, conventions and exhibitions. Arinex is a global, full-service Professional Congress Organiser (PCO) with extensive industry knowledge of the Healthcare, Government, Association, Corporate and Non-Government Organisation sectors. For more information about Arinex, visit


INCON is a partnership of leading Professional Conference Organisers (PCOs) providing consistency and continuity in conference, association and event management world wide. It provides industry advice and support, organises global events and contributes to setting new industry standards. Arinex is currently the only Australian member of INCON.