The results are in. The Office of the Australian Information Commissioner (OAIC) has released its first quarterly report since the Notifiable Data Breaches scheme (NDB) began. The NDB makes it compulsory for Australian organizations to alert the OAIC when a data breach happens, as well as individuals whose personal information is part of the breach.
There were 63 breaches reported under the NDB scheme for Q1 of 2018, which is nearly double the amount of mandatory notifications received in 2016-2017 (35). What is already a significant jump gets even more worrying when you consider that the Q1 report only takes into account breaches reported since February 22nd, leaving out all January and much of February. For a 180% YTD increase to have happened in only a few weeks is a sign that Australian businesses and the OAIC are taking the protection of people's personal information seriously.
What can Australian businesses learn from this? Firstly, any organization that holds personal information like names, addresses, medical records or bank account details must have a plan in place to notify the OAIC and affected individuals in the event of a data breach. The best form of defence is a good offense – don’t wait for a breach to happen before you think about your next steps.
The second lesson here is that data breaches haven’t gone away and protecting against them is a job that is never done. Organizations need to identify areas where a breach has the potential to occur. Most of the time it is in email, where information is leaked accidentally by sending an email or file to the wrong person. Look to implement Privacy by Design in your email workflows to better manage the sharing of personal information. Making changes now can help protect you financially and professionally in the long run.
For more ways to strengthen your data protection strategy in 2018 and beyond – including for NDB compliance – download our free industry guide.
About the author
Azan drives and manages sales in Australia, New Zealand, and Asia. He brings with him over 15 years' experience in the IT industry including many years as a software engineer and developer. Azan holds a degree in Computer Science from the Victoria University of Wellington.