[LINK] Privacy Commissioner launches data breach guide (PR)
Michael Meloni
mike at somebodythinkofthechildren.com
Mon Aug 25 13:25:42 AEST 2008
Media Release: Privacy Commissioner launches data breach guide
http://www.privacy.gov.au/news/media/2008_16.html
25 August 2008
-----
The Australian Privacy Commissioner, Karen Curtis, has released a "Guide
to Handling Personal Information Security Breaches". It is for use by
businesses, agencies and non-government organisations in preventing and,
if necessary, responding to a data breach.
"Under the Privacy Act, organisations must take reasonable steps to
prevent a malicious or unintentional loss of personal information they
hold," said Ms Curtis.
"Prevention is always better than the cure.
"However, in the eventuality that a breach does occur, the Guide will
provide clear steps that can be taken to minimise the impact of the
breach on those individuals affected by it."
Ms Curtis said the Guide was developed following extensive consultation
with a range of stakeholders. It includes four key steps to consider
when responding to a breach:
Step 1: Contain the breach and do a preliminary assessment
Step 2: Evaluate the risks associated with the breach
Step 3: Consider notification
Step 4: Prevent future breaches.
With regard to Step 3, the Guide suggests that individuals affected by a
breach should be notified where a breach creates a real risk of serious
harm to the individuals.
The Guide incorporates illustrative examples which will assist in
circumstances, such as whether notification is an appropriate response.
"While the Guide is voluntary, it represents good practice in handling
breaches, and I would urge all organisations and agencies to read it and
consider its use," Ms Curtis said.
The operation of the Guide could inform the Government's response to the
Australian Law Reform Commission's August 2008 recommendation that
mandatory breach notification be introduced into law.
The Guide is available at www.privacy.gov.au/publications/breach_guide.pdf
-----
--
Michael Meloni
http://www.somebodythinkofthechildren.com
http://www.netalarmed.com
More information about the Link
mailing list