Privacy law changes are coming

As of February 2018, data breach notification will become mandatory with all entities required to comply with the Privacy Act 1988.

This means that from 22 February 2018, all entities covered by the Australian Privacy Principles (APPs) will have clear obligations to report eligible data breaches to the Office of the Australian Information Commissioner (OAIC). In short, businesses are required to report breaches that are likely to result in serious harm.

Businesses that fail to conform, which constitute a serious interference with privacy under the Privacy Act, risk a fine of $1.8 million.

According to the OAIC, the notification to affected individuals and the Commissioner must include the following information:

• the identity and contact details of the organisation
• a description of the data breach
• the kinds of information concerned and;
• recommendations about the steps individuals should take in response to the data breach

The impression is that the Government is attacking small businesses again with a clear risk that if staff are not adequately trained in data protection there could be severe consequences. Again, another reason to incorporate to a company to protect your assets.

For a second opinion, contact your nearest TaxAssist Accountant today.