On 13 February 2017, the Privacy Amendment (Notifiable Data Breaches) Bill 2016 came into effect.
The scale of the changes means organisations should start preparations now.
The new law applies to public and private organisations that are already subject to the Privacy Act - this includes Australian Government agencies (excluding state and local government) and all businesses and not-for-profit organisations with an annual turnover more than $3 million. It aims to incentivise the holders of data to adequately secure or dispose of that information. It also allows individuals whose personal information has been compromised by a breach to take remedial steps to lessen the adverse impact that might arise from the breach. As a result, a number of new measures will be introduced that will require attention.
Templated document that is fully customisable