none yet
none yet
none yet
Previous entry

Privacy Notifiable Data Breaches Scheme goes live

Thursday 01 March 2018 |
Brendan Pike
NDB scheme regulation

The change that came about on 22nd February, commences the Notifiable Data Breaches scheme. When a data breach is likely to result in an individual suffering serious harm then the entity must notify both the individuals that are likely affected by the breach and the Australian Information Commissioner.

Deciding when ‘serious harm’ is likely to occur is also not an easy exercise in itself. The factors to consider if serious harm is likely include the:

  • nature of the information
  • sensitivity of the information
  • security measures that protect the information (ie - encryption in place)
  • who could have obtained or who could obtain access to the information
  • nature of the harm

The notification must include:

  • the identity and contact details of the organisation
  • a description of the data breach
  • the kinds of information concerned and;
  • recommendations about the steps individuals should take in response to the data breach.

Failure to notify is considered a serious breach and attracts fines of up to $2.1M.

It is important for organisations to recognise that the security of personal information is not just a problem for the IT department. Robust policies and procedures, training and a culture of protecting personal information are also required to prevent data breaches. Previous public examples of data breaches have included hard copy medical records being dumped without shredding – not an action that an IT department could have prevented.

Having a Data Breach Plan in place before any breach occurs is an important process to ensure that you manage the breach effectively and minimise damage to any individuals and the impact that it will have on your organisation and your reputation.

The Office of the Australian Information Commissioner has lots of information and resources to assist organisation meet their obligations.


e-Steamed Clients

  • Quote start

    I love your website; very easy to use.

    Simon, Hepburn Wind

  • Quote start

    I like the client interface that you have available – nice and simple and easy to understand.

    Yvette, Happy Child

  • Quote start

    What a wonderful service, signing up was painless too! Just wanted to pass on how impressed I am with you, I will definitely be using your service again.

    Dimi, Foundation House

  • Quote start

    My gratitude for the transcript, it's very good, thanks so much! (also the process was surprisingly easy and a relief!)

    Maureen, University of Queensland

  • Quote start

    I have now been using OutScribe for four years and found the response of the OutScribe service extremely prompt and accommodating.  I would recommend the service to anyone who needs regular information typed.

    Mark, University of New South Wales

  • Quote start

    Just a quick note to say thank you very much for the wonderful service you offer. I would highly recommend your service to our organisational partners.

    Souzi, NFP Research

Steamy Features

  • Upload all your files at once, just drag 'n' drop

    Drag 'n Drop uploads
  • Work collaboratively & privately with unlimited projects

  • Let me see if I've got this right, you need to...

    • Collaborate with colleagues from other organisations
    • On some but not all of your projects
    • While allowing others to upload and download files
    • Having different invoicing requirements per project
    • At no extra cost

    Of course we can