Knox Taxation & Business Advisory, in Boronia, wishes to advise you that, as of the 22nd of February, 2018, any Australian businesses that fall (or have fallen) victim to a data breach that causes a risk of serious harm to individuals, or that has received a high level of media attention, must notify the Office of the Australian Information Commissioner, and also inform their customers of the incident.
This bill will apply to any organisation that has responsibilities under the Privacy Act, including:
1. Annual Turnover of more than $3 Million
• Government Agencies
• Businesses, and
• Not-for-Profit Organisations.
2. Annual Turnover of $3 Million or less
• Private Sector Health Service Providers (including alternative medicine practices, gyms, and weight loss clinics)
• Childcare Centres, Private Schools, and Private Tertiary Educational Institutions
• Businesses that trade personal information
• Credit Reporting bodies, and
• Individuals who handle personal information under the Mandatory Retention Scheme.
Generally, if your organisation collects any of the following information from customers (Credit Reporting, Building Data, Personally Identifiable Information, and/or Tax Data), you are impacted by the Revised Privacy Act.
What’s Your Next Step?
Your business may already have a policy and procedure in place to deal with a client data breach, and so need only some minor alterations. That’s great!
If you don’t have any policies in place, now would be a good time to consider writing them so that they include this update. Seeking legal advice throughout this process would be beneficial, as would getting your HR advisers involved too (if you have them).
Protecting Your Organisation From a Data Breach
Prevention is always better than a cure. Therefore, if you haven’t had your digital security systems audited recently, it may be worth doing so.
In most cases a combination of the following will not only make your business compliant with the new laws, but will also reduce the likelihood of a significant data breach:
• Reputable Anti-malware Software
• Strong Password Policies
• Two-factor Authentication
• Staff Training, and/or
• Well thought-out Policies and Procedures.
If you would like to find out more about IT software and systems you can read more here: https://www.australiawideit.com.au/2018/02/
You can also visit https://www.oaic.gov.au/ for more information about how these changes will affect your business.
Being able to effectively protect customer privacy and sensitive data from breaches is critical to all organisations. Ensure that your organisation is safe with up-to-date security measures.
As always, we’re here at Knox Tax to help you negotiate your way through any issues of taxation, or general advisory, to help you gain a better understanding of your business, your business operations, and compliance responsibilities. Do take on board the above information, and realise it is now applicable (as of yesterday), and if you’re still not sure about any aspect of it, CONTACT US.