News + Insights

Notifiable Data Breaches Scheme requires entities to report data breaches

The Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988 establishes requirements for entities in responding to data breaches. Entities have data breach notification obligations when a data breach is likely to result in serious harm to any individuals whose personal information is involved in the breach. 

The passage of the Privacy Amendment (Notifiable Data Breaches) Act 2017 established the Notifiable Data Breaches (NDB) scheme in Australia. The NDB scheme applies to all agencies and organisations with existing personal information security obligations under the Australian Privacy Act1988 from 22 February 2018.

 

The NDB scheme obligates agencies and organisations to notify individuals whose personal information is involved in a data breach that is likely to result in serious harm. This notification must include recommendations about the steps individuals should take in response to the breach. The Australian Information Commissioner must also be notified of eligible data breaches.

Agencies and organisations must be prepared to conduct a quick assessment of a suspected data breach to determine whether it is likely to result in serious harm, and as a result require notification. When an agency or organisation is aware of reasonable grounds to believe an eligible data breach has occurred, they are obligated to promptly notify individuals at likely risk of serious harm.

The notification to affected individuals and the Commissioner must include the following information:

  • the identity and contact details of the organisation

  • a description of the data breach

  • the kinds of information concerned and;

  • recommendations about the steps individuals should take in response to the data breach.

For more information visit: https://www.oaic.gov.au/privacy-law/privacy-act/notifiable-data-breaches-scheme

Focused on the Fundamentals

Focused on the Fundamentals

LinkedIn icon.jpg
twitter icon.jpg

Harriss Wagner

 

General enquiries

enquiry@harrisswagner.com

careers@harrisswagner.com

Sydney

Level 29, Chifley Tower

2 Chifley Square

Sydney NSW 2000

Australia

T +612 9293 2516

Melbourne

Level 18

101 Collins Street

Melbourne VIC 3000

Australia

T +613 9653 7333

Brisbane

Level 19

10 Eagle Street

Brisbane QLD 4000

Australia

T +617 3121 3148