Did you know that the Notifiable Data Breaches (NDB) scheme was established in February 2018 to protect personal information? Under the scheme, any organisation or government agency covered by the Privacy Act 1988 must notify the affected individuals and the Office of the Australian Information Commissioner (OAIC) of an eligible data breach: one where personal information has been lost or accessed or disclosed without authorisation, and the breach is likely to result in serious harm to one or more of the individuals concerned.
What does this mean?
Firstly, organisations should work towards preventing a breach rather than merely responding to one. Where prevention fails, the ability to respond quickly substantially reduces the impact of the breach, the number of people affected, and the size of any subsequent penalties.
Did you know the Office of the Australian Information Commissioner (OAIC) publishes twice-yearly reports on notifications received under the Notifiable Data Breaches scheme?
Key findings reported by OAIC for the July to December 2020 reporting period:
- 539 breaches were notified under the scheme, an increase of 5% from the 512 notifications received from January to June 2020.
- Malicious or criminal attacks (including cyber incidents) remain the leading source of data breaches, accounting for 58% of notifications.
- Data breaches resulting from human error accounted for 38% of notifications, up 18% in absolute terms from 173 notifications to 204.
- The health sector remains the highest reporting industry sector, notifying 23% of all breaches, followed by finance, which notified 15% of all breaches.
- The Australian Government entered the top 5 industry sectors to notify data breaches for the first time, notifying 6% of all breaches.
- 68% of data breaches affected 100 individuals or fewer.
- 78% of entities notified the OAIC within 30 days of becoming aware of an incident that was subsequently assessed to be an eligible data breach.
Why should you be compliant?
There are several reasons why organisations should respect and comply with the rules and guidelines governing data and security, but one of the most important is simply that you should want to. By complying with the guidelines, you show customers that you care about keeping their data safe and about keeping your employees and your company secure. Customers who know their details are secure with you, and that your site is safe to visit, are more likely to trust you and stay loyal to your brand.
There are also several more tangible answers to the question "why should I be compliant?":
- Financial Implications
- Loss of Reputation
- Loss of vendors and/or business partnerships
- Revoking of privileges and/or data processing
With the introduction of the GDPR in May 2018, organisations suddenly had to be far more aware of what personal data they held and how it was handled and shared. The GDPR is not the only framework, however: there are many others, including cyber security frameworks, that you need to comply with to remain both reputable and profitable.
Solutions for you
We make it simple. You don't have to choose. We give you everything for the price of one product, starting from $39.95 per month: security protection for email, PCs, internet access and cyber hygiene.
- Email Security – Email threats are still one of the most prevalent security challenges for organisations.
- PCs (endpoint) – We ensure your devices are comprehensively monitored for security threats.
- Secure Internet (Secure Internet Gateway and DNS filtering) – We manage the security that protects your people and their data when they browse.
- Cyber Security Training – Your people are the biggest attack surface in your business. Protect your organisation with up-to-date security awareness training.