Monday, October 30, 2017 - Posted by Michael McCulloch
The Office of the Australian Information Commissioner ("OAIC") has recently published new draft resources for the Notifiable Data Breaches ("NDB") scheme which commences on 22 February 2018.
The resources include:
- Assessing a suspected data breach;
- What to include in an eligible data breach statement;
- New online forms to assist organisations in preparing a statement about an eligible breach to the OAIC; and
- A new chapter in the OAIC's Guide to Privacy Regulatory Action on data breach incidents.
The NDB obligations apply to business, the Australian Government and other organisations already bound by the Privacy Act to keep information secure. Generally, small businesses with a turnover of less than $3 million will not have any obligations under the scheme.
Feedback can be provided to the OAIC regarding the draft changes via email firstname.lastname@example.org
before 23 October 2017.