Piranha Insurance Brokers

Mandatory data breach notification laws to come into force

June 2, 2017/in Latest News/by admin

Parliament has recently taken steps to address issues relating to cybercrimes by passing the Privacy Amendment (Notifiable Data Breaches) Bill 2016 on 13 February, 2017. The legislation is due to commence within 12 months of Royal Assent, with no assent or fixed date as yet.
However, once enacted the legislation will amend the Privacy Act 1998 to require entities experiencing ‘eligible’ data breaches to notify affected and ‘at risk’ individuals and the Office of the Australian Information Commissioner (OAIC) of these breaches.
The new laws will apply to entities which carry on business in Australia or are subject to the Privacy Act 1998, including businesses and not-for-profit organisations with an annual turnover of $3 million or more, credit providers, credit reporting bodies and entities that hold the tax file number information of one or more individuals.
An ‘eligible’ data breach is:

  • Unauthorised access to, or unauthorised disclosure of, personal information held by an entity and a reasonable person would conclude that access or disclosure would be likely to result in serious harm to any of the individuals to whom that information relates; OR
  • Information is lost in circumstances where:

    a. Unauthorised access to, or unauthorised disclosure, is likely to occur; and

    b. Assuming such access or disclosure were to occur, a reasonable person would conclude that the access or disclosure would be likely to result in serious harm to any of the individuals to whom that information relates.

Whether access or disclosure would likely result in serious harm depends on a number of factors, including the nature and sensitivity of the information, whether there were any security measures in place and the likelihood those measures could be overcome, the characteristics of the person obtaining the information and the nature of the harm suffered by the individual.

If an entity suspects that an ‘eligible’ data breach has occurred, the following steps should be taken:

1. Within 30 days of the suspicion arising, assess the relevant circumstances and whether it reasonably amounts to an ‘eligible’ data breach;

2. If there are reasonable grounds to believe an ‘eligible’ data breach has occurred then subject to a number of exceptions, an entity should prepare a statement setting out the contact details of the entity, a description of the breach, the kind of information concerned and the steps it recommends affected individuals take in response. A copy of this statement should be provided to the OAIC;

3. If practicable, take steps as are reasonable in the circumstances to notify affected and ‘at risk’ individuals of the contents of the statement. If direct notification is not practicable, the entity should publish the statement on its website and take reasonable steps to publicise the contents of the statement.
The OAIC may also give written notice to an entity directing it to prepare the statement if it is aware there are reasonable grounds to believe that there has been an ‘eligible’ data breach.
The failure to comply with the new laws will effectively be regarded as a breach of the Privacy Act 1998 and can result in an entity being required to take remedial action, give enforceable undertakings and pay compensation and/or fines of up to $360,000.00 for individuals and $1.8 million for corporations.
Businesses should now review their internal processes, resources and systems to ensure they can adequately respond to any potential data breaches in future. As part of this review process, we suggest contacting your broker to ensure you have adequate insurances in place for any potential cyber and privacy breaches.
