The Notifiable Data Breach Legislation will commence on 22 February 2018. It applies to eligible data breaches that occur on, or after, that date. The NDB is an amendment indicating that companies will be legally obliged to notify the Privacy Commissioner and their clients of data breaches, with fines of up to $1.8 million for non-compliance. It’s time to be prepared.
The NDB represents a big step forward in Australia’s cyber security defences. Consumers can feel more secure in the knowledge that they will be promptly notified if their data is involved in a serious breach which is essential if we’re going to maintain the public’s trust in business. The NDB scheme will apply to businesses, Australian Government agencies, and other organisations that are already required by the Privacy Act to keep information secure.
Australia continues to have one of the highest rates of cybercrime in the world and threat-intelligence sharing is our best defence. The information-sharing required by the legislation will also mean businesses and organisation are more aware of potential cyber risks and vulnerabilities.
Many originations are breached and don’t even know it. The focus on prevention is important and encompasses many parts, from patch management, privileged account management, network security architectures to name a few.
Forward thinking organisations will also embrace this as an opportunity to review how their company manages and protects the data, and better prepare themselves for managing a breach when it occurs – who is managing the breach response, who is notifying the customer, who is notifying the Commissioner?
Are you ready for dealing with unauthorised access, disclosure or loss of personal information in Australia from that date? Do you know what constitutes a breach? Do you know what details must be reported? Do you know what can you do to prevent a breach that needs to be reported?
Get in touch with us to run an audit on your security and policies so you are protected and your customer’s data is safe.