In our last news story, Grace Information Management looked at the failure of many businesses in protecting themselves following a data breach and how data breaches can effect a businesses’ reputation.
Well, it seems the fallout from a data breach is about to get worse, at least in Australia, anyway.
On Thursday, the Attorney-General the Hon Mark Dreyfus QC MP announced new laws in parliament that will require businesses and government agencies to notify people when a data breach affecting their privacy occurs.
“The new laws will alert consumers to breaches of their privacy, so that they can change passwords, improve security settings and make other changes as they see fit,” Attorney-General Mark Dreyfus QC said.
“Some data breaches have exposed the personal information of tens of thousands of Australians. The laws are good for consumers because they protect privacy, and are good for business because they will help create openness and trust.”
The new laws will also require notification of data breaches to the Office of the Australian Information Commissioner.
The Australian Privacy Commissioner, Timothy Pilgrim, has welcomed the mandatory data breach notification laws, which will come into effect on 12 March 2014.
‘Without notification, people affected by serious data breaches are unable to take mitigating steps to protect their personal information – steps which only they may be able to take, such as cancelling credit cards or requesting a new Medicare number,’ Mr Pilgrim said.
‘The last couple of years have seen a number of high-profile data breaches and subsequent own motion investigations initiated by me, and research suggests that the frequency of data breaches in Australia has continued to grow over the past three years,’ Mr Pilgrim noted.
Despite this upward trend, the Office of the Australian Information Commissioner (OAIC) only received 46 data breach notifications in the 2011–12 financial year, an 18 per cent decrease from the previous year.
‘I am concerned that we are only being notified of a small percentage of serious data breaches that are occurring. Many critical incidents may be going unreported and consumers may be unaware when their personal information could be compromised,’ Mr Pilgrim said.
With mandatory reporting, the reputation of companies who experience a data breach could be destroyed. Grace’s new Data Centre has been designed to assist Australian businesses in the safe and secure storage of their data. With passcode and proxy card entry only, CCTV cameras at every entry/exit point and the latest in professional hardware and software, you can rest assured your data is safe with Grace.