Privacy Update: Mandatory Notification of Data Breaches

Document

Privacy Update: Mandatory Notification of Data Breaches

25/05/17

Commencing on 22 February 2018, changes to the federal Privacy Act make it compulsory for organisations to notify specific types of data breaches (Notifiable Data Breaches or NDBs), to individuals affected by the breach, and to the Office of the Australian Information Commissioner (OAIC). A data breach occurs where “personal information held by an agency or organisation is lost or subjected to unauthorised access, modification, disclosure, or other misuse or interference.”