Following the commencement of Australia's mandatory data breach notification (MDBN) laws last month, the Office of the Australian Information Commissioner (OAIC) has released its guide to privacy compliance and data breach responses, entitled Data breach preparation and response - A guide to managing data breaches in accordance with the Privacy Act 1988 (Cth) (Privacy Act). The guide brings together information from previous guides issued by the OAIC and various OAIC resources published last year to assist entities in understanding their compliance obligations.
The guide outlines key requirements in relation to data breaches under the Privacy Act, particularly concerning personal information security requirements and obligations under the MDBN scheme. The guide also provides guidance for entities in developing a data breach response strategy, and outlines governance processes and the steps to take in the event of a breach.
The MDBN scheme commenced on 22 February 2018, and this guide is designed to assist businesses and organisations to comply with the scheme. For further information, please see our February edition of LegalBytes.