Get Ready! Australia’s Notifiable Data Breaches Scheme is now in Effect
Yahoo, eBay, Target, Equifax. What do all these companies have in common? All are giant multinationals who have been affected by disastrous data breaches in the past few years, where the personal data of hundreds of millions of customers was severely compromised.
As data management systems get more complex and hackers more ingenious, organizations that handle confidential personal information are coming increasingly under fire for not doing enough to protect their clients’ confidential personal details.
Some government organizations have started fighting back against this worryingly increasing trend by enacting tough new regulations to protect the personal information of individuals and prosecute organizations that allow data breaches to happen through negligent or ineffective data protection protocols. By now, you may have heard of the European Union’s upcoming General Data Protection Regulation, a serious piece of legislation aimed at protecting the personal information of over half a billion EU residents.
On the other side of the world, the Australian government has put into effect an amendment to a similar law called the Privacy Amendment (Notifiable Data Breaches) Act 2017 in order to safeguard the personal information of Australian residents and mandate the notification of data breaches by affected organizations that handle such data.
The Notifiable Data Breaches scheme has the support of the vast majority of Australians. Almost all survey respondents agreed that a government agency (95%) or private business (94%) should notify individuals if their data is compromised. More than 80% also agreed that data breach reporting should be mandatory.
Infographic courtesy of the Office of the Australian Information Commissioner
Are you ready to comply with the new data breach notification laws? According to Canon Australia’s Business Readiness Index (2018 Information Security Edition), less than half of Australian businesses are aware of the changes in the regulations and what this means for them.
The first step is to inform yourself about what the law is and how it affects you. We’ve put together a whitepaper that gives an overview of the subject and the types of things you need to do to prepare (download here).
Next, check out the resources and help guides made available by the Office of the Australian Information Commissioner (OAIC) in regards to the new regulation:
- Data breach guidance
- Receiving data breach notifications
- What to do after a data breach notification
- What to include in an eligible data breach statement
Although there is much to do to prepare, the important thing to keep in mind is that this law is a step in the right direction. The Privacy Amendment (Notifiable Data Breaches) Act 2017 provides an opportunity for us to focus on safeguarding our customers’ privacy a little better. And that’s a good thing.
Because at the end of the day, we are all also customers of somebody else’s company. And the Notifiable Data Breaches scheme is meant to ensure that those companies will also be protecting our personal data with a little more care and be held accountable in case of a data breach.
Graphics credit: Elements from Freepik used in design.En arrière