The Notifiable Data Breaches scheme commences today
Australian Government agencies and the various organisations required to secure personal information under the Privacy Act 1988 (Privacy Act) now have data breach notification and assessment obligations under the Notifiable Data Breaches (NDB) scheme.
As of 22 February 2018, these agencies and organisations are required to notify individuals affected by a data breach that is likely to result in serious harm.
They are also obligated to notify the OAIC.
We have published a range of guidance on the NDB scheme.
For information on how to comply with the requirements of the NDB scheme, view our resources for regulated entities.
We have also published a new guide titled Data breach preparation and response, which collates our previously published guidance on data breach notifications, developing a data breach response plan, and the NDB scheme. It’s a valuable resource for all staff involved in privacy compliance.