single touch

Notifying a data breach

Notifying a breach If a breach is assessed to potentially result in serious harm, you are obliged to advise affected individuals and the Australian Information Commissioner. You have the option to: Notify all individuals whose personal information is involved in the eligible data breach Notify only the individuals who are at likely risk of serious…

risk-blocks

Assessing NDB risk

Taking all reasonable steps to assess NDB risk The Privacy Act already requires organisations to take all reasonable steps to protect personal information. The new data breach laws merely add an additional layer to assess breaches and notify where the breach poses a threat. For example, if you have not already, you should assess issues…

gavel

NEW Data breach laws

New data breach laws come into effect The Notifiable Data Breach (NDB) Scheme In October last year, almost 50,000 employee records from Australian Government agencies, banks and a utility were exposed and compromised because of a misconfigured cloud-based ‘Amazon S3 bucket’. AMP was reportedly one of the worst affected with 25,000 leaked employee records. ITNews…