Data Breach Laws Started

Many Australian businesses are unaware that the new Federal laws on mandatory reporting of data breaches is now in effect for all businesses.

The Notifiable Data Breaches (NDB) scheme has progressively rolled out and now applies to small businesses as well large corporates.

The NDB requirements are part of the Federal Privacy Act 1988, and the Victorian Privacy and Data Protection Act 2014.

A data breach occurs when personal information held by a business is lost or subject to unauthorised access or disclosure.

This could include if device containing customers’ personal information is lost or stolen, or a database containing personal information is hacked or accidentally provided to the wrong person.

A growing exposure for data breach occurs where employees are allowed to work from home or remotely, and very few small businesses have a policy on staff bringing personal computer devices to work.

Every business should at least include this exposure on their Key Risks Register.

For a Fact Sheet on Key Risks Registers just call or email us.