New federal data breach legislation comes into effect in Australia from 28 February 2018. Heavy penalties may apply if your organisation has a data breach.
A civil penalty for serious or repeated interferences with the privacy of an individual will only be issued by the Federal Court or Federal Circuit Court of Australia following an application by the [Privacy] Commissioner. Serious or repeated interferences with the privacy of an individual attract a maximum penalty of $360,000 for individuals and $1,800,000 for bodies corporate.
Under the new legislation, you will now be required to report ‘eligible’ data breaches to the Australian Privacy and Information Commissioner and to immediately notify customers who may have been affected.
Is your business affected?
The legislation affects companies with over $3 million in turnover, as well as the majority of government agencies and many smaller companies that handle sensitive client information.
Three Mistakes you don’t want to make:
- A common mistake is assuming your existing security software and MSP or Cloud Provider are keeping your data safe. Your IT staff and Managed Service providers have basic knowledge of security systems, not the specialist knowledge required for your data protection.
- Be aware your current insurance may not be valid if you have not implemented sufficient data security measures.
- Don’t imagine that a data breach may go unnoticed.
Recent data breaches against Australian businesses have been big news even without a legal reporting requirement. ABS census data, the Brisbane City Council, the Federal Dept of Meteorology and over a million data records from Red Cross Blood Bank have been recent newsworthy casualties.
What constitutes a data breach?
The bill classifies a data breach as any incident that results in “unauthorised access to, or unauthorised disclosure of, personal information about one or more individuals (the affected individuals), or where such information is lost in circumstances that are likely to give rise to unauthorised access or unauthorised disclosure”.
Who are we?
Cybernetic Global Intelligence (CGI) is a global leader in cyber security. We have protected clients from cyber attack since 2009 and have achieved a 100% success rate. None of our active clients have ever experienced a data breach.
We work with ASX listed companies and organisations in Government and private sectors. From our offices in the heart of Brisbane, we’re helping clients in Australia, New Zealand, Asia, Europe, USA, Middle East and Africa.
What can we do for you?
- We help you understand your obligations under the new act, diagnose any vulnerabilities in your existing systems and develop secure frameworks to protect your company.
- We identify cyber threats within your current software systems.
- We monitor your existing systems with custom-developed security hardware and use real people with specialist knowledge to monitor your cyber safety 24 x 7.
- We assess your systems and provide a comprehensive report on the extent of protection and compliance your company already has, and provide additional services to ensure full protection.
- Our security packages come with free staff training to properly secure your systems against evolving security threats.
- We do not sell software. We work with your existing software systems.
We are currently offering free compliance checks for the new Federal Government requirements for mandatory data breach reporting.
We look forward to sharing our vast experience and specialist security knowledge with your organisation. Call us on 1300 292 376.