01 Mar Introducing Mandatory Notification Laws in Australia
Mandatory Data Breach Notifications and Your Business
The Federal Government has recently passed the Bill which will make mandatory data breach notifications a legal obligation for organisations with responsibilities under the Privacy Act. Organisations that may need to comply with the legislation include businesses with over $3 million in turnover and smaller firms that handle sensitive information such as tax file numbers and health records.
If your organisation fits into the above description, you will need to report any eligible data breaches to the Australian Privacy and Information Commissioner, Timothy Pilgrim, and notify customers who may have been affected.
The new laws bring a new dimension to the cyber risk exposure facing Australian businesses. The regulatory, reputation and potential first and third party costs associated with data breach notification can be insured through a cyber insurance policy. Not all cyber insurance policies are the same. In less than 5 minutes, depending on your needs, you can complete a proposal to allow CRM Brokers to provide you with a quote. Click here to fill out our Cyber Insurance proposal form.
In the meantime, businesses should continue to take reasonable steps to make sure personal information is held securely – including being equipped with a clear response plan in the event of a data breach. The Office of the Australian Information Commissioner (OAIC) has developed two guides, Data breach notification — a guide to handling personal information security and Guide to developing a data breach response plan, which provide a best practice model and will be updated in consultation with stakeholders ahead of the commencement of the mandatory notification scheme.
Megan O’Rourke, Special Counsel at Barry Nilsson’s Insurance & Health Group, has also provided her insight into the new laws and their effects on Australian businesses. Click here to view her article.
This article provides information rather than financial product or other advice. The content of this article, including any information contained in it, has been prepared without taking into account your objectives, financial situation or needs. You should consider the appropriateness of the information, taking these matters into account, before you act on any information. In particular, you should review the product disclosure statement for any product that the information relates to before acquiring the product.
Information is current as at the date the article is written as specified within it but is subject to change. CRM Brokers make no representation as to the accuracy or completeness of the information. Various third parties have contributed to the production of this content. All information is subject to copyright and may not be reproduced without the prior written consent of CRM Brokers.