A data breach occurs when personal information is subject to unauthorised access or disclosure or if information is lost in circumstances where unauthorised access or disclosure is likely. A breach must be notified to the Office of the Australian Privacy Commissioner (OAIC) and all affected individuals when one or more individuals are likely to suffer serious harm as a result of the breach.
While breaches are often associated with malicious attacks and hackings (such as phishing and malware attacks or impersonation), many breaches occur due to inadvertence or human error. A breach can occur if personal information is sent to the wrong person by email, if there is an unintended release or publication of personal information or if paperwork or a data storage device is lost. Between July and December 2019, breaches resulting from human error accounted for 32% of all breaches notified to the OAIC.
Talk to our Privacy and Data Protection team to properly understand your obligations.
|Disclaimer: This publication contains comments of a general nature only and is provided as an information service. It is not intended to be relied upon as, nor is it a substitute for specific professional advice. No responsibility can be accepted by Rigby Cooke Lawyers or the authors for loss occasioned to any person doing anything as a result of any material in this publication.
Liability limited by a scheme approved under Professional Standards Legislation.
©2020 Rigby Cooke Lawyers