A data breach occurs when personal information is subject to unauthorised access or disclosure or if information is lost in circumstances where unauthorised access or disclosure is likely. A breach must be notified to the Office of the Australian Privacy Commissioner (OAIC) and all affected individuals when one or more individuals are likely to suffer serious harm as a result of the breach.
Category: Privacy Awareness Week
Our latest news and insights
A collection of case studies and articles highlighting the latest in legal news.

Privacy Week wrap up – What have we learnt?
As Privacy Awareness Week 2020 draws to a close we reflect on what businesses can do to ‘Reboot your privacy’ as well as some current hot topics in the Australian privacy space:

Data Breach – the first “Class Action” complaint made against Optus
- Many Australian businesses must disclose when they have been affected by a data breach
- While reputational damage is a critical risk for businesses, there is also the threat of monetary penalties of up to $2.1 million and orders of uncapped compensation
- A representative complaint – similar to a class action – has been made against Optus on behalf of a group of individuals affected by an alleged breach in 2019.

Privacy and Working From Home
- Privacy Awareness Week – an opportunity for all organisations to ‘Reboot your privacy’
- Organisations are responsible for the actions of their employees – this calls for innovation when ensuring the security of personal and confidential information in the “home office”
- To be effective, privacy and security arrangements must include appropriate training, clear and documented policies and procedures and management oversight.