Notifiable Data Breaches scheme - are you ready for February 22? Notifiable Data Breaches scheme - are you ready for February 22?

Notifiable Data Breaches scheme - are you ready for February 22?

16 February 2018 | Cyber

The Notifiable Data Breaches scheme (or mandatory breach reporting requirements) under the Privacy Act 1988 come into force on Thursday, 22 February 2018.

Hopefully this comes as no surprise. If it does, check out our article in the 2017 Privacy Edition of CyberFiles, about this watershed change to Australia’s privacy laws, complete with our plain-speaking guide on what it means for you. 

The Office of the Australian Information Commissioner has some fantastic resources to assist those still coming to grips with the changes, including guidance on:

  • identifying eligible data breaches;
  • conducting assessments; and
  • how to notify.

The Commissioner has indicated in numerous forums that he and his office will continue to work in a collaborative fashion with business when it comes to compliance. However poor privacy practices (like those demonstrated in the recent Uber breach and alleged cover-up) will likely attract serious regulatory attention.

Failure to comply with the new laws can attract fines of up to $2.1 million, so it pays to be ready. Access the OAIC’s resources here or go to their website at www.oaic.gov.au.

Megan O'Rourke

Megan O'Rourke

Special Counsel