Why small business owners need to take data security seriously

1st October 2018

Small business owners across Australia are being impacted by one of the most significant changes to the privacy and information security in the country’s history.

The Notifiable Data Breaches (NDB) scheme of the Privacy Act 1988 established stricter reporting requirements earlier this year. This scheme requires small businesses to report eligible data breaches to authorities and also members of the public if there is a suspicion that data has been compromised.

Although this legislation was enforced since the start of the year, a number of small business owners are still yet to get a grip of the requirements.

A data breach not only relates to a cyber-attack, but it also includes private information being read by a stranger, whether this be on a personal computer while traveling to work.

The consequences can be devastating, as legislation carries significant financial penalties that will have a serious affect on any small business that collects personal information from their customers and staff.

Penalties start at $360,000 for individuals, rising to $1.8 million for businesses.

With cyber-attacks becoming more common, it is important that small businesses at least start with the basics, including complex passwords, two-step verification, educating staff on suspicious emails, having back-ups in place and having up-to-date software subscriptions.