The deranged gunwoman who shot three people before killing herself at YouTube’s headquarters in California posted a strange series of videos in the lead-up to her gun rampage. Nasim Aghdam, 38, opened fire with a handgun in
Blog List
- Home
- Blog List
Australia’s first app-based scooter taxi service, Scooti, is coming to Melbourne this month. Similar to Uber, Scooti is going to connect scooter drivers with passengers in need of a lift. According to start-up company, travelling by scooter
Australia captain Steve Smith confessed that his side intentionally tried to tamper with the condition of the ball in order to gain an advantage over South Africa during the third Test against South Africa in Cape Town
A vulnerability is considered to be a zero-day vulnerability when it is not known to the people who are interested in patching it, like vulnerability researchers, the users of the project or the team maintaining the project.
Cleaning a hacked website can undoubtedly be exhausting. However, by following a few basic steps, you can quickly identify as well as clean a hacked site. STEP 1- IDENTIFY HACK 1.1 - First scan your website properly
Nowadays, an increasing number of employees expect the freedom to access their work documents as well as emails from anywhere on any device. They expect seamless experiences that aren't limited to corporate-owned devices anymore. But then what
A $1.3 billion rail loop as well as robot trains are among transport options being considered to connect a proposed $30 billion ‘super city’ at East Werribee. Initial works to determine the feasibility of a major new
Is your PC not performing well? Here are a few tips that can help you speed up your Windows 10 system without compromising its appearance as well as functionality. Although most are free, some involve spending on
The hosting provider you choose for your WordPress site is an important decision. Experts recommend website owners to choose the most secure web hosting company, given the CMS's vulnerabilities when plugins as well as core files are
The Notifiable Data Breaches (NDB) scheme comes into effect today, requiring Australian agencies & organisations that are covered by the Privacy Act to report any data breach that is likely to result in "serious harm". Failure to
About Me
Zulia Maron Duo
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore.
The Notifiable Data Breaches (NDB) scheme comes into effect today, requiring Australian agencies & organisations that are covered by the Privacy Act to report any data breach that is likely to result in “serious harm”. Failure to comply can result in massive fines of up to $2 million.
Given the recent number of data breaches, including the Australian Red Cross Blood Bank Service breach in which personal details of 550,000 blood donors leaked, many Australians believe the legislation was long overdue.
Security analyst Troy Hunt disclosed that even his own wife’s blood donation records were in the dataset which had been extracted. However, the Red Cross took immediate steps to contain it. Their communication was absolutely fantastic. They notified affected individuals via text message and email. Also, they issued press releases confirming that a data breach had occurred & published statements on its website as well as social media sites.
Uber, on the other hand, concealed massive hack that exposed data of 57m users & drivers. The company paid hackers $100,000 in order to delete data as well as keep breach quiet.
However, the consequences of a data breach will now get much, much more serious. As of today, many Australian businesses are subject to the country’s new notifiable data breaches scheme and are now legally obliged to report data breaches or cop hefty fines
“Meeting privacy obligations and the expectations of the community continues to be essential. Only by demonstrating a commitment to privacy can organisations build and maintain people’s trust and a social licence for innovative uses of data,” said Australia’s outgoing Information and Privacy Commissioner Timothy Pilgrim.
What is the aim of this scheme?
The aim of the scheme is to improve transparency as well as further strengthen privacy protections. Nowonwards, organisations won’t be able to keep silent about serious data breaches. They will be compelled to report notifiable data breaches to the affected individuals & to the OAIC.
Know who exactly will be affected
This bill will apply to all organisations that are responsible for keeping personal information secure under the Privacy Act, including Australian Government agencies, not-for-profit organisations & businesses with an annual turnover of more than $3 million.
The Act will also apply to some types of businesses with an annual turnover of $3 million or less, like:
- Childcare centres,private tertiary educational institutions & private schools
- Private sector health services providers – even alternative medicine practices, weight loss clinics & gyms fall under this category
- Businesses that purchase or sell personal information along with credit reporting bodies.
What types of breaches will be ‘notifiable’?
Many organizations in Australia collect sensitive information such as names, addresses, tax file numbers, credit card details, financial information, medical history, etc. The Privacy Act stipulates that these sensitive information must be kept secure. If this kind of highly sensitive information is disclosed, lost, or accessed without authorisation, a breach is deemed to have occured.
And breaches will be ‘notifiable’ when they are likely to cause serious harm to the affected organization or individual.
What is meant by ‘serious harm’?
Serious harm is considered to have occurred if someone suffers reputational damage, financial or personal loss, risk to personal safety, or other kind of harm, be it psychological or physical.
The organisation will need to investigate breaches for determining the level of harm, for reporting any notifiable breaches,& for taking necessary steps in order to prevent further damage & this must be done within 30 days of the data breach.
What does “Readiness” for the NDB Scheme look like?
- Avoiding being breached in the first place
- Educating staff on legal obligations under the scheme
- Preparing for a breach the same way as you would prepare for disaster recovery
- Having a discussion with leadership/board
If a company is confident that the breach has been contained & the customers are not at risk, they could be exempt from reporting the incident.
And it is not just Australian businesses that are compelled to report breaches. Even foreign companies operating on Australian soil will be coming under the law.
Recent Comments