Notifiable Data Breaches
Flor-Hanly - Wednesday, March 14, 2018
Notifiable Data Breaches Scheme
Robust data security was legislated in Australia under the Privacy Amendment (Notifiable Data Breaches) Act 2017, which makes it mandatory for businesses to report eligible data breaches from 22 February 2018.
Under the Notifiable Data Breaches (NDB) scheme, businesses need to notify individuals and the Australian Privacy Commissioner in the case of eligible data breaches which are likely to result in serious harm to the individual.
Not all data breaches are eligible.
For example, if an entity acts quickly to remediate a data breach, and as a result of this action the data breach is not likely to result in serious harm, there is no notification requirement. If 20,000 people are affected by a data breach in a minor way, with no serious harm, this also would not be captured under the legislation.
For guidance on what constitutes an eligible data breach, what serious harm means, and the notification process, download CPA Australia's IT checklist for small business.
Related reading: Find out what a data breach would mean for your business