The rollout of the Notifiable Data Breaches (NDB) scheme has sent a shockwave through the accounting industry due to the wide range of protocols and notification procedures that will be put in place from February 22nd, 2018.
The Privacy Amendment Bill that was passed last year through the Senate means that as of 22nd February 2018 all agencies, organisations and certain other entities will need to provide notice to the Office of Australian Information Commissioner and affected individuals should a data break occur.
Any individuals or companies that fail to notify the OAIC of a data breach will risk being fined up to $340,000 and $1.7 million respectively.
Generally, small business operators (turnover under $3m) do not have obligations under the NDB scheme but some must comply. Examples include those operating a residential tenancy database or any business providing health services.
Businesses should research and understand the new laws and ensure that if the NDB scheme applies to them all team members are trained and internal policies are updated to ensure compliance.
For more information on the updates to the Australian Privacy Act click here.