REQUEST
A QUOTE 07 5451 1118
Blog
Apr 08

It’s Now Law to Report Data Breaches

Data breach notification has become mandatory from 22 February 2018 for all entities required to comply with the Australian Privacy Act 1988. Amendments have been made to the legislation that will be known as the Notifiable Data Breaches Scheme (NBD). This scheme will strengthen the protection and handling of personal information, improve transparency around breach reporting procedures and provide consumers and the community with confidence that their personal information is being respected and protected.

 

Changes to Cyber Security legislation – What is the impact?

The NDB scheme will directly impact all entities currently captured under the Privacy Act. It requires these organisations to notify any individuals likely to be at risk of serious harm by a data breach, whereby personal information held by an organisation is lost or subjected to unauthorised access or disclosure. The following are some examples of possible data breaches:

  • A device containing your customers personal information is lost or stolen
  • A database containing your clients’ personal information is hacked
  • Client personal information is mistakenly provided to the wrong person

What if a breach occurs?

If any such breach occurs, it needs to be reported to the Office of the Australian Information Commissioner (OAIC). However, every impacted individual also needs to be formally notified and provided details as to what remedial action will be undertaken.

Significant costs may result from a serious data breach, these costs could include business interruption, reputational damage, incidence response and legal costs. For noncompliance of these changes there is the potential for large fines to be applied (including $360,000 for individuals and $1.8 Million for organisations).

Ways to protect to your business

These changes bring to the forefront Cyber risk which affects most businesses in Australia. The below tips could help protect your business in the future against breaches:

  • Establish a data breach response plan
  • Assess and manage potential risk exposure to Data Management and potential privacy breaches
  • Seek protection by implementing Cyber Risk Cover to mitigate your business’s exposure to both first and third-party costs in dealing with a cyber-attack and/or data breach issues.

We are a small business accounting service located on the beautiful Sunshine Coast and would appreciate the opportunity to help you, your friends, family and colleagues. Contact us on 07 5451 1118 for obligation-free confidential discussions today.