A data breach occurs when personal information is subject to unauthorised access or disclosure or if information is lost in circumstances where unauthorised access or disclosure is likely. A breach must be notified to the Office of the Australian Privacy Commissioner (OAIC) and all affected individuals when one or more individuals are likely to suffer serious harm as a result of the breach.
Byline: Emma Simpson
Our latest news and insights
A collection of case studies and articles highlighting the latest in legal news.
- Many Australian businesses must disclose when they have been affected by a data breach
- While reputational damage is a critical risk for businesses, there is also the threat of monetary penalties of up to $2.1 million and orders of uncapped compensation
- A representative complaint – similar to a class action – has been made against Optus on behalf of a group of individuals affected by an alleged breach in 2019.
- Privacy Awareness Week – an opportunity for all organisations to ‘Reboot your privacy’
- Organisations are responsible for the actions of their employees – this calls for innovation when ensuring the security of personal and confidential information in the “home office”
- To be effective, privacy and security arrangements must include appropriate training, clear and documented policies and procedures and management oversight.
Landlords, take advantage of COVID-19 insolvency legislative reform: now is the time to register security interests in cash security deposits on the PPSR
- Landlords should register security interests on the PPSR in cash security deposits or cash bonds paid under a commercial or retail leases
The Commonwealth Notifiable Data Breaches (NDB) scheme has now been in place for over 18 months and has been widely publicised. Your organisation should be aware of its obligations and have a data breach response plan in place so that quick action can be taken if a breach occurs or is suspected to have occurred.