What has been a dry topic for years and I suspect sometimes only given token
attention, is all of a sudden becoming a talking point in and outside the
On February 13th 2017 the Privacy Amendment (Notifiable Data Breaches)
Act 2017 (NDB scheme) was passed by both houses of the Australian Parliament.
In many cases, these amendments make notification of eligible data breaches
mandatory and come into effect as of February 22nd 2018.
By definition, a data breach is unauthorized access to, unauthoriszed disclosure
of, or loss of, personal information held by an entity. A breach can be a single
record, multiple records and doesn’t distinguish between physical documents or
All entities covered by the Australian Privacy Principles (APPs) will have clear
obligations to report eligible data breaches. Those who fail to notify under these
obligation will face substantial financial penalties both at an individual and
In parallel to this, the Government has recently released the Productivity Commission’s
final report into Data Availability and Use. It is recommending a
complete overhaul of the legal and policy frameworks under which public and
private sector data is collected, stored, used and traded. The report also calls out
that reform by Government should commence immediately with a new data
Framework to be implemented by the end of 2018.
There is no doubt that data creation is exploding and we are fast becoming a
digital economy. The question organisations must seriously ask themselves is:
“Am I truly ready for this digital journey and do I have the appropriate
ecosystem in place to ensure I am able to satisfy my compliance
If an organisation’s key people can’t answer this question in the affirmative then
there could be a lot of sleepless nights ahead as GRC can no longer be swept
under the board room table.
We at Trusted Habitat would welcome further discussion. Please contact us at
firstname.lastname@example.org if you would like to connect.
Chris Ford: Director, Sales and Alliances Trusted Habitat
Trusted Habitat is an Australian firm, connected globally with thought leaders
and experts in the areas of digital transformation and the reduction of risk when
sharing sensitive information in an online interconnected world.