If your business stores personal information like phone numbers, TFN’s, health or financial records, and you have good turnover every year, keep reading.
Recent changes to privacy and data protection scheme means that many small and medium sized businesses now have to comply with stringent data privacy requirements. If your business is one of them you may be required to:
Secure your data to the best of your ability.
Monitor for breaches.
Notify the Office of the Australian Information Commissioner (OAIC) and those affected if there is a breach.
Have an up to date APP Privacy Policy in place.
New Data Privacy regulations
-What’s changed and who is affected?
The Notifiable Data Breaches Scheme (NDB) came into effect in February. It requires you to monitor for and report any breach of personal information to the OAIC and those affected, if your business:
Turnover is more than a million and stores private information
-What’s considered personal information?
Personal information relates to your employees as well as your clients or customers.
Everything from an individuals name, address, phone number, date of birth, medical records, bank account details, right through to their opinions, personal preferences and photos, can be considered personal information.
-What constitutes a breach?
A data breach doesn’t have to be as malicious as hackers accessing your records or stealing information.
A breach can be as simple as documents being left at a café, a laptop or USB being lost or stolen or unauthorized access, disclosure or misuse of personal information by your staff.
What you need to do
Perform a security audit as soon as possible to see how secure your data is and identify any gaps.
-Ensure your data is secure
Put in place the necessary mechanisms to make sure you’re protecting your data to the best of your ability.
-Actively monitor for data breaches
You need to have active monitoring and alert systems in place to identify any breaches, so that you are able to notify the OAIC if one occurs.
Integralis has you covered
We’ve already helped hundreds of business get their security measures up to scratch to ensure they comply with all the legal and regulatory requirements .
Call us on 1300-512772