OAIC Notifiable Data Breaches Scheme – The first 4 years

The Notifiable Data Breaches (NDB) scheme commenced in February 2018, introducing new obligations for Australian government agencies and private sector organisations with an annual turnover of $3 million AUD or more. Notably, under the NDB scheme organisations are required undertake an assessment should they suspect:  Unauthorised access to or disclosure of personal information, or loss of personal information where access by unauthorised persons is likely to occur,  Serious harm to the individuals to whom the information relates is likely to occur, and  The risk of serious harm cannot be addressed through remedial action.  If the assessment indicates that serious harm is likely to result from a data breach, they must notify the Office of the Australian Information Commissioner (OAIC) as well as all affected individuals so they can take action to address possible consequences and also. As data breaches and subsequent investigations are often significantly complex, an organisation or agency […]