Notifiable Data Breach Scheme

May 10, 2018


By James Bergl


The Notifiable Data Breach scheme took effect on February 22, 2018, leaving more than 50% of Australian businesses exposed.

New regulations now govern how Australian businesses and organisations must respond to data breaches, yet a recent 2018 survey conducted by MinterEllison shows that only 40 percent of Australian businesses are actually prepared.

As soon as the new regulation was in place, the Australian commissioner placed 31 organisations under scrutiny. For businesses nationwide, addressing this issue internally is time-critical. So what must we be aware of, and how do we prepare?

It is worth understanding what a data breach is and how one can occur. Typically, a simple mistake, or human error if you like, is the most likely scenario, followed closely by a breach from hackers, viruses, malware and the like. A data breach is anything that may jeopardise the privacy and security of personal information and cause harm. If this happens, it must be reported to the OAIC via oaic.gov.au. A professional response must also take immediate effect to notify those who may be at risk, and a policy must be created and adhered to in order to mitigate any damage.

Whilst it may now be standard business practice to purchase insurance or antivirus software, it is now expected that the same level of care is taken internally through a set of systems, policies, and procedures to further protect the private information of individuals. The NDB scheme applies to any and all organisations, including government bodies, agencies, NFPs and businesses that have an annual turnover of over $3m.

As far as the commissioner is concerned, businesses must assume responsibility for both preventative and curative measures. While data breaches involving personal information are serious and carry severe consequences, the scheme is a positive opportunity for executives to increase their awareness, helping them continue to develop their internal systems and policies and, above all, protect their client base. In many cases, the damage caused by a data breach is horrifying and unsettling, and for businesses, the relationship and trust with their clientele are irreparably damaged.

With the ever-growing power of information and technology, we must take on board the responsibility and obligations to use it to protect everyone's best interests. Clear guidelines on how to prepare and respond, who to notify and what to report can also all be found on the oaic.gov.au website.

Remember, stay safe, get prepared.