Login
iscover
The Office of the Australian Information Commissioner has released the number of reported breaches recorded under new data security laws.
Newsletter
First lot of data breaches reported to OAIC
22 March 2018
•
10 minute read
You’re out of free articles for this month
To continue reading the rest of this article, please log in.
Create free account to get unlimited news articles and more!
In the first three weeks of the Notifiable Data Breach scheme, which came into effect on 22 February, the OAIC told Accountants Daily it received 31 notifications of eligible breaches.
Specific details relating to the type of breaches and the industries they came from are not publicly available yet. Accountants Daily understands more comprehensive details will be released around the end of the month.
The new laws apply to agencies and organisations that the Privacy Act requires to take steps to secure certain categories of personal information. This includes businesses and not-for-profit organisations with an annual turnover of $3 million or more, as well as TFN recipients.
Firms are required to notify the OAIC and affected individuals where there has been an eligible data breach.
According to the OAIC, “a data breach occurs when personal information held by an organisation is lost or subjected to unauthorised access or disclosure”.
The scope for reportable breaches is wider than most realise. Unauthorised access which requires reporting is not necessarily in the realm of a devastating cyber attack — it could be an employee, an independent contractor, or an external third party.
==
==
You can learn more about how the new laws affect accountants here.
You are not authorised to post comments.
Comments will undergo moderation before they get published.