Australian Parliament to Consider Mandatory Breach Notification

    Sep 13, 2016

    The Australian government on August 29 released a draft breach notification bill for consideration during the spring session of the new Parliament, which convened August 30. The legislation, which would require businesses to report serious data breaches to the Australian information commissioner and notify individuals whose data is affected by a breach, seeks to implement a government commitment in response to a March 2015 Parliamentary Joint Committee on Intelligence and Security recommendation. The government published an exposure draft of the legislation in December 2015 and provided a public comment period that ended in March.  

    The draft legislation defines a serious breach as a situation in which there is unauthorized access to, disclosure of, or loss of customer information held by an entity, which as a result generates a real risk of serious harm to individuals involved. It contains general rules for the majority of entities regulated by the Privacy Act as well as analogous rules for credit reporting bodies and credit providers that are subject to specific consumer credit reporting regulations. The legislation also requires recipients of tax file number information to protect the types of personal information it holds from misuse, interference, and loss, and from unauthorized access, modification, or disclosure.

    When a serious breach does occur, an entity is required to notify customers, the privacy commissioner, and, potentially, the media “as soon as practicable after it is aware” or has reasonable grounds to believe a serious data breach has occurred. The notification must include a description of the data breach, the kind of information involved, and how customers should respond to the security incident.

    The online Global Policy Brief is intended to help you stay current on international news and events. Further information about the issue is accessed by clicking on the link provided at the end of each summary.

    Want to sign up to receive an email version of the Global Policy Brief? It's free! Just tell us a little about yourself and you'll receive a monthly dose of the latest in legislation, regulation, and more.

    © 2017, ARMA International