The Office of the Australian Information Commissioner (OAIC) has received a total of 63 personal data breach notifications since the Notifiable Data Breaches (NDB) scheme came into effect on February 22, 2018. This figure and the nature of the data breaches...
Your organisation’s data breach response plan needs to incorporate the requirements of the NDB scheme for assessing suspected eligible data breaches. OAIC has available on its website a Guide for developing adata breach response plan, which includes a useful data breach response checklist. This is ...
In addition, data breaches that are notified under s75 of theMy Health Records Act 2012do not need to be notified under the NDB scheme as they have their own binding process to follow, which also lies under the umbrella of the OAIC. Read more:OAIC received 114 voluntary data breach n...
As Datateks took much longer than this, the OAIC found that it had breached the Privacy Act by not complying with the requirements of the NDB scheme. Datateks was ordered to take steps to prepare an incident response plan to improve its ability to respond to...
network or physical location. The OAIC generally considers impersonation fraud to be an eligible data breach under the NDB scheme where the personal information the entity holds is accessed by a third party and results in a likely risk of serious harm. This will be the case even when the mali...
The Office of the Australian Information Commissioner (OAIC) has received a total of 63 personal data breach notifications since the Notifiable Data Breaches (NDB) scheme came into effect on February 22, 2018. This figure and the nature of the data breaches...