Mandatory data breach laws start today - are you prepared?
The Australian Small Business and Family Enterprise Ombudsman, Kate Carnell, has urged small businesses to urgently prepare for the introduction of mandatory data breach reporting laws that come into effect from today 22 February.
“If an unauthorised entity accesses anyone’s personal information from a business computer system, where it is likely to result in serious harm to that individual, that data breach will have to be reported to the Office of the Australian Information Commissioner (OAIC), as well as the individual affected," Ms Carnell said.
“An unauthorised entity could be an employee, an independent contractor or an external third party, such as a hacker (via cyber attack).
“Serious harm to an individual may include physical, psychological, emotional, financial or reputational harm.”
Ms Carnell warned this legislation carried significant financial penalties, and would affect any small business that collects personal information from their customers, and staff.
She said she had read that a new study reported 44 per cent of Australian businesses were not fully prepared.
“Another report by Telstra last year found 33 percent of small businesses don’t take proactive measures to protect against cyber breaches.
“With penalties of up to $360,000 for individuals and $1.8 million for organisations, the impact of a breach on a small business is devastating.”
Mrs Carnell said information on what a breach is, how to report a breach, or how to take steps to avoid notification in a timely manner can be accessed from the OAIC website.
"I suggest small business operators also read our Cyber Security Best Practice Guide, which was released this earlier month.
“This free guide will help small businesses understand the risks and how to prevent cyber attacks. It explains very simply what cyber security is, who to talk to and provides links to further information.
“Small businesses are particularly vulnerable to sophisticated cyber criminals as they often lack the time and resources to properly investigate and understand this very real threat.
“Protect your business’s data like you would your office: lock up at night, don’t give the keys to anyone you don’t trust, and report any suspicious activity that takes place on your premises," she said.
Need help security your computer? Local Area Marketing can help you with advice and the lowest cost software to help you to efficiently and securely get the job done. Contact our Chief Cyber Security & IT Officer, Burt Mascareigne email@example.com
Want to know more? Visit the Anti Ransomware Resource Centre for tips, ideas, videos and other helpful information.