On 22 February 2018 the Privacy Amendment (Notifiable Data Breaches) Act 2017 established the Notifiable Data Breaches (NDB) scheme in Australia.
The NDB scheme obliges organisations to notify individuals whose personal information is involved in a data breach that is likely to result in serious harm to the affected individuals, and to notify the Australian Information Commissioner (Commissioner) of eligible data breaches. The notification to individuals must include recommendations about the steps they should take in response to the breach.
Now the Commissioner has released the first full quarter report of notifiable data breaches, for the period 1 April to 30 June 2018.
The OAIC Quarterly Report
The number of notifications for the quarter appears significantly higher than for the previous quarter, though that is skewed by a number of factors, including that the scheme only came into force on 22 February 2018. Prior to that, organisations were not obliged to report data breaches.
The number of breaches reported per month of 2018 is set out below. Even if January and February are ignored, it’s clear that there is an upwards trend in the number of notifications being made…Click here to read full article.