Further to our previous article, the Notifiable Data Breach (NDB) statement and other resources have been finalised and published on the OAIC website.

The NDB will start on 22 February 2018. It requires organisations regulated by Australia’s Privacy Act to assess suspected data breaches, and to notify affected individuals of any breach that is likely to result in serious harm. Notice must also be given to the Australian Information Commissioner.