[LINK] Australian privacy breach notification
stephen at melbpc.org.au
stephen at melbpc.org.au
Wed Nov 7 21:42:53 AEDT 2012
Australian privacy breach notification
Attorney-General's Department, 20th October 2012
<http://www.ag.gov.au/Consultationsreformsandreviews/Documents/AustralianP
rivacyBreachNotificationDiscussionPaper.PDF>
The Commonwealth Government has published a discussion paper, 'Australian
Privacy Breach Notification' about the possible introduction of mandatory
data breach notification laws.
A data breach occurs when personal information is improperly accessed,
obtained, used, disclosed, copied or modified.
There have been several significant and high-profile data breaches in
recent years. The paper considers what notification requirements
government agencies and large private-sector organisations should have to
meet when they suffer a data breach.
Questions include:
* Should Australia introduce mandatory data breach notification laws?
* What kind of breaches should trigger notification requirements?
* Who should decide whether notification is necessary?
* What should be reported and how quickly?
* How should a notification requirement be enforced?
* Who should be subject to a mandatory data breach notification law?
Submissions are sought by 23 November 2012. http://apo.org.au/node/31691
"Recently, there is anecdotal evidence that breaches of data security are
increasing in frequency and scope. Some recent US reports have found that
up to 88 per cent of organisations surveyed have had at least one data
breach during the course of a year. These reports also indicate that the
cost of notification and rectification is also increasing, with a cost
range of $174 to $268 per information record breached in the US,
depending on how quickly a company responded to the data breach.
In addition, the Office of the Australian Information Commissioner (OAIC)
was notified of 56 data breaches in the 2010/2011 financial year,
equivalent to a data breach a week. This is up from 44 in the previous
year, an increase of 27 per cent. The Privacy Commissioner also opened 59
investigations in to breaches of which there was no notification to the
OAIC".
--
Cheers,
Stephen
More information about the Link
mailing list