© 2020 Content Security Pty Ltd.

Advisory services

Mandatory Data Breach Notification

Are you up to date with the Mandatory Data Breach Notification Compliance? Content Security can help you easily conform to the latest technical and business requirements.

In February 2017, the Senate passed the Privacy Amendment (Notifiable Data Breaches) Bill 2016 bringing Australia in line with other countries globally. These laws are in effect, meaning businesses need to be aware if their compliance obligations with the new legislation.

This amendment requires businesses to not only report unauthorised access to, or disclosure of, personal information, but also to investigate any suspicions of a data breach, whether or not there are reasonable grounds to believe that one has occurred. 

Summary of the Australian Privacy Principle 11

APP 11 requires an APP entity to take active measures to ensure the security of personal information it holds, and to actively consider whether it is permitted to retain personal information.

An APP entity that holds personal information must take reasonable steps to protect the information from misuse, interference and loss, as well as unauthorised access, modification or disclosure

An APP entity must take reasonable steps to destroy or de-identify the personal information it holds once the personal information is no longer needed for any purpose for which the personal information may be used or disclosed under the APPs

Related post

CPS-234 The Strategic Approach

How Content Security can help you

To minimise business and reputational risk, it’s important that your current procedures, controls and processes are in line with security standards. Content Security can:

  • Document the PII flow within your organisation
  • Understand the effectiveness of the security controls currently in place
  • Define a roadmap to improve the effectiveness and efficiency of your security controls
  • Help management demonstrate commitment to protecting personal information
  • Quantify the level of risk to management and the board

For more information please contact our cybersecurity professionals today.