Data Breach Reporting
What is a Data Breach?
We’ve recently shared information about how frequently large Australian companies are falling victim to data breaches, in fact, according to OAIC’s latest report, notifications of data breach have increased by 19% and a total of 537 reports were made between July-December 2019.
A data breach is when there is unauthorised access or disclosure of personal information that could result in serious harm to any individual.
Data breach can result in loss of information and be difficult for businesses to remediate.
Although it is not mandatory to report all breaches to the commission it is important that you consider notifying those affected and are demonstrating that you have a process in place to ensure minimal damage to any individuals involved. Reporting to OAIC is a great way to show accountability and the importance of protection to those individuals.
If you are unsure if it is mandatory for your business to report data breaches you can find out by contacting the Office of Australian Information Commissioner (OAIC).
There are a lot of reasons a data breach might occur, human error being one of them, however, malicious and criminal attack is the most common.
Health service providers were at the top of the list to be attacked with 117 reported breaches.
When we consider the type of information that is potentially accessed can we confidently say that we are doing everything we can to avoid potential attacks?
Let’s take a quick look at human errors that could cause a data breach. Something as simple as leaving your computer unlocked and unattended, losing an important document or USB with files, emails sent to unintended recipients or opening an email that is potentially corrupt.
All relatively easy mistakes to make that seem small but could have huge impact if not handled correctly. In most cases policies are put in place to minimise these types of errors, but what about the errors we can’t control or don’t recognise?
Can you determine the right time to report a breach?
If you are concerned about the level of security at your workplace contact us
It is much easier to know you are doing the right thing with security instead of trying to fix it when it goes wrong.
https://www.oaic.gov.au/privacy/notifiable-data-breaches/notifiable-data-breaches-statistics/
https://www.oaic.gov.au/privacy/privacy-for-organisations/small-business/