From 22 February 2018, the Privacy Amendment (Notifiable Data Breaches) Act 2017 comes into effect.
The Notifiable Data Breaches (NDB) scheme applies to all agencies and organisations with existing personal information security obligations under the Australian Privacy Act 1988 (Privacy Act). The NDB scheme introduces an obligation to notify individuals whose personal information is involved in a data breach that is likely to result in serious harm. This notification must include recommendations about the steps individuals should take in response to the breach.
Organisations have a legal responsibility to balance the public interest for free and transparent transfer of information with the protection and appropriate respect of personal information. The Notifiable Data Breaches Scheme (the Scheme) will be effective from the 22 February 2018. This Scheme requires all organisations which fall under the Privacy Act to notify the Australian Information Commissioner and consumers / clients of any data breaches which may cause serious harm to them. This course outlines the legal and ethical responsibilities of both organisations and staff to ensure the privacy of personal or sensitive information and the steps that should be taken in the event of a breach.