Notifiable Data Breaches scheme - are you ready for February 22?
The Notifiable Data Breaches scheme (or mandatory breach reporting requirements) under the Privacy Act 1988 come into force on Thursday, 22 February 2018.
Hopefully this comes as no surprise. If it does, check out our article in the 2017 Privacy Edition of CyberFiles, about this watershed change to Australia’s privacy laws, complete with our plain-speaking guide on what it means for you.
The Office of the Australian Information Commissioner has some fantastic resources to assist those still coming to grips with the changes, including guidance on:
- identifying eligible data breaches;
- conducting assessments; and
- how to notify.
The Commissioner has indicated in numerous forums that he and his office will continue to work in a collaborative fashion with business when it comes to compliance. However poor privacy practices (like those demonstrated in the recent Uber breach and alleged cover-up) will likely attract serious regulatory attention.