Veracity Technology is committed to designing and building IT platforms that help our clients transform their businesses and create modern workplaces.
A critical part of the modern workplace is cyber security. From Thursday 22 February 2018 all organisations governed by the Privacy Act will be obligated to notify customers whose personal information has been involved in a data breach that is likely to result in serious harm. The Australian Information Commissioner (OAIC) must also be notified of eligible data breaches.
This obligation has been established after many years and several aborted attempts to pass new legislation. On 13th February 2017 the Privacy Amendment ‘Notifiable Data Breaches’ (NDB) Act 2017 was brought into law.
What do you have to do?
Businesses affected by an eligible data breach must notify the Privacy Commissioner and affected customers “as soon as practicable” after becoming aware that a breach has occurred.
If an organisation suspects that a data breach has occurred, it will have to complete an assessment within 30 days to understand whether a breach has occurred and if it needs to notify.
What should you do now?
You should immediately:
- Implement practices, processes, and systems to secure personal information. Which would include training all staff on cyber security and how they should act.
- Prepare a data breach response plan to ensure you are ready to act quickly to suspected breaches.
- Read more about your obligations under the NDB scheme, you will find further information and useful resources on the OAIC website here.
Veracity Technology is a leading IT service provider helping industry leaders transform their businesses. We provide digital strategy, IT platform design and implementation and remote IT monitoring and support to Australian businesses and government agencies. Contact us today on 1300 850 172 or email@example.com.
Image: Searsucker, 2001 by Anne Wallace