Get ready for the Notifiable Data Scheme

Alex Clark | 31-05-17

The Australian government will be amending the Australian Privacy Act 1988 on the 22nd of February 2018. The new notifiable data scheme will apply to all businesses, government agencies and other organisations that are covered by the Privacy Act.

So… what is it?

A notifiable data breach is when personal information held by an organisation is deleted, modified or leaked by an unauthorised person. The NBD scheme requires organisations that have been breached to notify anyone affected within 30 days of the breach, including the steps to be taken in response, and to inform the Office of the Australian Information Commissioner (OAIC). The organisation must also promptly assess the data suspected to be breached, to determine whether the breach could cause serious harm.

What can I do to prepare?

  1. Review internal policies

  2. Organise or update a breach plan and guide, to be able to respond quickly

  3. Ensure a strong password policy is enforced throughout the network

  4. Ensure all firewalls and routers are up to date

What is the penalty for non-disclosure?

Companies that fail to disclose a breach could be fined up to $1.8 million, and individuals who fail to disclose could be fined $360,000.

Does this scheme apply to me?

The NBD scheme applies to government agencies such as state government or local councils, and to organisations that are governed by the Privacy Act, such as:

  • Businesses and not-for-profit organisations with a turnover of more than $3 million a year

  • Private health services including gyms and weight-loss clinics

  • Credit reporting bodies

  • Private schools and child care centres

  • Businesses that buy or sell personal information

Are there exceptions to the requirement to notify?

The short answer is yes. If the organisation has taken steps to fix the problems that caused any potential harm to individuals after the breach has happened, the notification obligations will not apply. So early detection and a well-thought-out action plan are essential. To view the other exemptions, please review the Act.

When does the NBD scheme start?

The scheme will commence on the 22nd of February 2018.
