Are you ready for the new data breach laws?
Like you, many consumers are concerned about how their personal information and valuable data is being used in this tech savvy age. As a result, Parliament has passed a new bill for mandatory data breach notification laws which became active on 22nd February 2018.
Any business that suffers an eligible data breach will now have to report the matter to the Office of the Australia Information Commissioner (OAIC) and any individual whose data has been compromised must also be notified. An eligible breach can include unauthorised access, unauthorised disclosure or loss of personal information which is likely to result in serious harm to the individual. Experts estimate a data breach will cost businesses between $150 to $250 per record.
Every business should have a data breach plan to comply with their obligations under the Privacy Act 1988 (Cth) (Privacy Act). The OAIC has provided an excellent guide to help SME businesses understand what the new laws are, what is a notifiable breach, how to be prepared for a data loss and how to respond when a breach occurs.
Since the new laws became active on 22nd February 2018 there have been 305 data breach notifications made by businesses to the OAIC. Of those breaches 59% resulted from malicious cyber hacking, 36% from human/employee error and only 5% from system faults.
When developing your own plan here are some helpful tips to protect your business:
- Implement a password management software system
- Ensure systems patches are actioned immediately
- Back up your data regularly and store it offsite and securely
- Understand the data you hold and how sensitive the data is
- Prepare a data breach plan and provide ongoing education to staff
- Disable any dormant user accounts to prevent unauthorised access
- Secure portable devices such as laptops, USB sticks, tablets and mobile phones
- Expanding your protection to include cyber and privacy insurance
For advice on the best way to protect your business from cyber-attacks contact us today.
1300 6923 7648 www.myadroit.com.au