Home >  Blog >  Most businesses must now report data breaches

Most businesses must now report data breaches

Posted by Michael Trimblett on 9 May 2018

Protecting your business data is no longer just common sense

The chances are that if you experience any form of data breach, then not only is your company's information at risk but you are also at risk of breaching the privacy act. It's often assumed that data breach only means being hacked by a sophisticated gang from a rogue nation trying to influence votes or steal national secrets; It is more often associated with the wrongful acquisition of personal information that is residing in the databases of small to medium-sized businesses.

From February 22nd this year, the federal government has amended the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act 1988.  It now includes mandatory reporting if your business:

  • Turns over more than $3M per year or;
  • Is a credit reporting body or;
  • Is a health service provider or;
  • Is a Tax File Number recipient.

You might be surprised at what constitutes an eligible data breach and how a breach could occur. An eligible Breach refers to the unauthorised access, loss, or disclosure of personal information that could cause serious harm to the individual whose personal information was involved in the data breach.

"Serious harm" in this context, may include physical, psychological, emotional, financial or reputational harm.  This affects any business who holds personal information about their clients such as medical records or credit card details.

Examples of data breaches can be in the form of:

  • Lost or stolen laptops or other mobile electronic devices.
  • Database breaches from hacking.
  • Physical access by an individual to unsecured document recycling.
  • Unauthorised access to personal records by an employee.

Data security is an on-going issue for all businesses and this change to the privacy act has added another dimension to the responsibility of most businesses.

To notify of a data breach, visit the Office of the Australian Information Commissioner's (OAIC) website and fill in the "Notifiable Data Breach Form".  If a business fails to disclose a data breach on more than two occasions, the OAIC can seek a penalty of up to $21M.

Digital information loss is by far the hardest to protect against as hacking attempts can take place from anywhere at any time.  Simply clicking on the wrong email or visiting a compromised website can lead to your customer's data being leaked.

If you would like to discuss your computer and network security or if you would like to know more, please contact Loyal I.T. Solutions on 02-43370700 or email Michael Trimblett

LOYAL I.T.- We specialise in I.T. solutions for your business; providing software, hardware, networks, configurations, consulting and support for 15 years from our base on the Central Coast.

 

Michael TrimblettAuthor:Michael Trimblett
About: Michael has been in the information technology industry since 1998 and has a passion for everything technology. He has a technical background as a qualified network engineer, project manager and is qualified as a Certified Ethical Hacker.
Connect via:TwitterLinkedIn
Tags:SecurityNewsServicesIT ConsultingNetworking Security

Log a Job
Or an Enquiry

help@loyalit.com.au

Loyal IT
Latest news

5 December 2024
22 Years of Gratitude As December commences , we’re reflecting on an incredible milestone— finishing a m...
Read All Latest News

Our Clients
say

Adam demonstrated exceptional problem solving skills and knowledge to help us achieve a great outcome. He provided sound advice and was more than happy to share his expertise. We now has a stable, ...

Stephen King
Read All Testimonials

Resources Helpful
fact sheets

Download Our Fact Sheets

Sign Up for Newsletter