
Mandatory Data Breach Legislation: The Results so far.

Trent: On February 22nd 2018, the Australian Government introduced Mandatory Data Breach Legislation, which had a direct impact on a large number of Australian organisations. The changes, put in a very simple manner, meant that if you, or someone that falls under the umbrella of the outlined organisations, willingly or unwillingly transfers information about someone else of a personal nature to an unauthorised third party that may result in serious harm, you have to alert that specific individual or individuals and also the Australian Information Commissioner.

More recently, the Office of the Australian Information Commissioner released a report that illustrates what’s been happening since its inception on Feb 22nd. The results are as follows.

The number of data breaches in February and March was 63. The top industry that reported data breaches was health service providers, with legal, accounting and management services coming in a close second.

The highest reported number for the type of information breached was contact information which includes an individual’s name, email address, home address or a phone number.

Now the most interesting thing about all of this information is where the actual source of the breach originated. In just over half of the reported cases the breaches came down to human error. Now in reality what this could look like is someone accidentally sending an email to the wrong person and that email has some personal information in it about someone else. The second highest source of breach came from malicious or criminal attacks. These usually involved theft of personal information or cybersecurity incidents resulting from unauthorised access to an individual’s system.

Now after looking at all of those statistics, it leads me to make two key takeaways. These are that comprehensive staff training is paramount; they need to be aware of what it means for them, your organisation and the people or person involved in the breach.

Another thing that your organisation needs to think about is combatting human error through technology. You need to think of a real-world situation which could happen. Like what would happen if you were to leave your phone unlocked on a train? What would happen if you unintentionally attached a confidential document to an email and sent it to someone you didn’t mean to? It’s a really interesting topic and it can get quite in-depth. So I’m going to dive into that a little deeper in the coming weeks. It’s also vital that your organisation has strong security protocols to ensure that unauthorised access isn’t given to anyone at any time.

Now adhering to this mandatory data breach legislation isn’t just for the benefit of your customers and ensuring their information is safe and secure. It should also be noted that failing to notify or identify a breach such as what was spoken about earlier comes with substantial penalties to both an organisation and the individual as well. If you would like to discuss or receive any more information about Mandatory data breach notification and legislation just fill out your name in the pop-up screen that’s going to come up next and I’ll be in touch. Thanks for watching.
