Has your business implemented plans and procedures to comply with the new Notifiable Data Breaches (NDB) scheme affecting organisations covered by the Privacy Act?

New data breach laws are in force, putting the onus on owners of businesses with an annual turnover exceeding $3 million that collect data to protect and notify individuals whose personal information is involved in a breach.

The new laws also apply to businesses related to another business covered by the Privacy Act.

The compliance burden is increasing for businesses and Australian Workplace Strategies (AWS) Managing Director Jim Parke says the risk of breaches is growing daily with so much data transforming from paper to digital, or stored in the cloud.

“Data breaches are a reality and created through human error, mischief or simply because those looking for ways to disrupt are often one step ahead,” Mr Parke said.

“Companies now have a positive obligation to assess breaches and respond to breaches.

“As well as complying with these new laws, there are many complex issues to consider with data privacy, including how personal information is gathered, managed, stored, accessed and ultimately destroyed.

“With so many pieces to the data protection puzzle, it is vital that business owners and managers have access to expert advice,” Mr Parke says.

“When you also consider the implications of operating outside Australia and online, as many businesses do, this becomes even more important.”

Data breaches are common and many countries have laws intended to protect citizens’ personal information. “If your business operates overseas or has customers overseas, you also need to be aware of the requirements in those countries,” Mr Parke warns.

Australian Workplace Strategies can advise and assist companies how to set up systems and ensure data is securely protected. AWS provides advice on how to implement protocols to address all the compliance requirements.