Cyber Security – Mandatory Data Breach Notification Regime

The Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth) commences effect on 22 February 2018, when specified organisations and entities including Australian Government Agencies must comply with the mandatory data breach notification regime, including being able to assess whether an eligible data breach has occurred and, if necessary, to comply with their notification obligations. Failure to report or notify individuals may require organisations to make a formal public apology, pay compensation to any affected persons and pay large civil penalties. As the deadline is approaching legal advice ought to be obtained to see if you are ready to respond appropriately to data breaches.