ARN reports that the Office of the Australian Information Commissioner (OAIC) has received 31 data breach notifications in just the first three weeks since Australia's Notifiable Data Breaches Scheme came into effect on February 22nd.
This says a few things:
- Australian businesses are taking their data privacy obligations seriously. The immediate steady stream of notifications means the education of Australian businesses and the threat of some large fines have done their job.
- Data Breaches happen in a number of ways, not all of which are caused by external factors and bad actors. Sending an email to the wrong person or company can represent a breach.
- A Data Breach response plan is now a mandatory component of the IT practice in your firm. It's malpractice to be unprepared as the frequency of data breaches means it's somewhat likely your organisation will suffer one at some point.
- A potential Data Breach Assessment would be a wise investment for your company.
The OAIC says that it will report on the data breach numbers quarterly, and we'll provide an update then.
