Notifiable Data Breaches Act.
An astonishing 57% of Small to Medium Businesses (SMBs) surveyed in the HP Australia Security Study admitted to not undertaking any sort of IT security risk assessment. What this means is that any SMBs with annual turnover over $3M are now at risk of breaching the newly reformed Notifiable Data Breaches Act. Does your business fall into this category?
All organisations covered by the Australian Privacy Act will now be accountable to the Notifiable Data Breaches Law scheme.
The Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988 established strict requirements for entities in responding to data breaches. Since the scheme was introduced on the 22nd February 2018, all SMBs with annual turnover over $3M have data notification obligations when a data breach is experienced and is likely to result in serious harm to individuals and businesses. Therefore, you now must directly notify those whose information is involved in a data breach, as well as report any breaches to the Office of the Australian Information Commissioner (OAIC) and your customers.
Prior to the new law, SMBs were not obliged to report data breaches and often did not act upon them, avoiding serious consequences and leaving consumers in the dark.
Is your Business at Risk?
If you have not yet recognised the issue with not undertaking any risk assessments, your business can now incur significant financial penalties and credibility risks. Hefty fines are now in place, ranging from $360,000 to $1.8M for organisations that fall under the new scheme.
No matter what industry you are in, it is now vital to apply rigorous security standards. “Organisations should implement a process to monitor, detect and report data breaches, but prevention – and reducing the frequency and severity of breaches – is equally important.” Paul Gracey – HP South Pacific
Often, data breaches are linked to malicious activities. However, human error can also play a role, where an employee may not follow internal protocols or even lose a company device with sensitive data on it. In other words, security breaches are often inevitable. However, protocols and plans can mitigate the risk and ensure your business is prepared. With the right preparation, your business will be well positioned with regard to its proactive security measures.
Enspire’s Free Network Analysis
Enspire have now launched a Network Health Check in line with the NDB Scheme, providing a free Network Performance Analysis and Cyber-Health Workshop powered by CQR to unlock the potential of your current network. This is a ‘two-pronged’ approach to review your Network Performance & Security. A probe device will be inserted into your network environment for a week, at no cost, allowing the Enspire team to monitor and review your entire environment. The Enspire Security Operations Team will schedule a workshop at your office to break down the current status of your Cyber Security Policy and provide recommendations towards addressing any gaps. The end goal is to ensure your environment is not vulnerable, that you have a clear plan towards addressing Notifiable Data Breaches and that your network is performing to its full capability.
For further information, call our expert team directly on 1300 366 394