
Most businesses must now report data breaches

Posted by Michael Trimblett on 9 May 2018

Protecting your business data is no longer just common sense

Chances are that if you experience any form of data breach, not only is your company's information at risk, but you are also at risk of breaching the Privacy Act. It's often assumed that a data breach only means being hacked by a sophisticated gang from a rogue nation trying to influence votes or steal national secrets; in fact, it is more often associated with the wrongful acquisition of personal information residing in the databases of small to medium-sized businesses.

From February 22nd this year, the federal government has amended the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act 1988.  It now includes mandatory reporting if your business:

  • Turns over more than $3M per year; or
  • Is a credit reporting body; or
  • Is a health service provider; or
  • Is a Tax File Number recipient.

You might be surprised at what constitutes an eligible data breach and how a breach could occur. An eligible data breach refers to the unauthorised access to, loss of, or disclosure of personal information that could cause serious harm to the individual whose personal information was involved in the breach.

"Serious harm" in this context may include physical, psychological, emotional, financial or reputational harm. This affects any business that holds personal information about its clients, such as medical records or credit card details.

Examples of data breaches can be in the form of:

  • Lost or stolen laptops or other mobile electronic devices.
  • Database breaches from hacking.
  • Physical access by an individual to unsecured document recycling.
  • Unauthorised access to personal records by an employee.

Data security is an ongoing issue for all businesses, and this change to the Privacy Act has added another dimension to the responsibility of most businesses.

To notify of a data breach, visit the Office of the Australian Information Commissioner's (OAIC) website and fill in the "Notifiable Data Breach Form".  If a business fails to disclose a data breach on more than two occasions, the OAIC can seek a penalty of up to $21M.

Digital information loss is by far the hardest to protect against, as hacking attempts can take place from anywhere at any time. Simply clicking on the wrong email or visiting a compromised website can lead to your customers' data being leaked.

If you would like to discuss your computer and network security or if you would like to know more, please contact Loyal I.T. Solutions on 02-43370700 or email Michael Trimblett

LOYAL I.T.- We specialise in I.T. solutions for your business; providing software, hardware, networks, configurations, consulting and support for 15 years from our base on the Central Coast.

 

Author: Michael Trimblett
About: Michael has been in the information technology industry since 1998 and has a passion for everything technology. He has a technical background as a qualified network engineer and project manager and is committed to doing business in the I.T. industry ethically as prescribed by the Australian Computer Society's Code of Professional Conduct.