Preparing for the Notifiable Data Breach Scheme
The Notifiable Data Breaches (NDB) scheme commenced in Australia on 22 February 2018.
What is the NDBS?
The NDB scheme requires organisations covered by the Australian Privacy Act 1988 (Privacy Act) to notify any individuals likely to be at risk of serious harm by a data breach. It is designed to help protect the privacy rights of individuals, and strengthen community trust in businesses and agencies.
Under the legislation, an eligible data breach occurs if there is “unauthorised access to, unauthorised disclosure of, or loss of, personal information held by an entity” or information is lost in circumstances where “unauthorised access to, or unauthorised disclosure of, the information is likely to occur” and “the access, disclosure or loss is likely to result in serious harm to any of the individuals to whom the information relates.”
Organisations are obliged to notify individuals affected by an eligible breach as well as the Office of the Australian Information Commissioner.
What has Mainstream done to prepare for the NDBS?
In preparation for the scheme Mainstream has conducted a review of processes, policies and procedures and security safeguards that help to protect the personal information we collect and store on behalf of our clients. We are pleased to report that all of these existing safeguards met the high standards required.
If you would like to receive more information on Mainstream’s approach to privacy or to request a copy of our NDB Scheme Policy and Procedures please contact us.
This article is not intended to be financial advice and is of a general nature only that does not take into account your individual objectives, financial situation or needs. While all efforts have been made to ensure the information contained in this article is accurate, errors may occur.