If you’re delivering digital transformation, and haven’t carried out a privacy impact assessment, you may be risking the success of your project. An example is in the finding by the Australian Information Commissioner, against the convenience store 7-Eleven.
The introduction of the Notifiable Data Breaches (NDB) scheme last month will shine a spotlight on ICT security and compliance for Australian organisations.
News recently broke of an extraordinary breach of national security following the discovery of highly sensitive cabinet documents in two old filing cabinets bought at a second-hand shop in Canberra.
There’s no question the level of trust and confidence customers have in a brand directly impacts profitability. The reputation of a business is essential to survival.
Just this morning, we’ve seen the publicity regarding the contractor breach exposing 50,000 Aussie government and bank staff records. And recently, much media attention was given to the theft of confidential technical information about new fighter jets, navy vessels, and surveillance aircraft from an Australian defence contractor.
In February 2018, new legislation for mandatory data breach notifications will be introduced as an amendment to the Australian Privacy Act. This amendment will apply to all organisations required to comply with the Australian Privacy Act 1988 and could result in penalties for non-compliance of up to $1.7M for organisations and $300,000 for Directors.
The recent data breach at US credit reporting firm Equifax provides a valuable lesson.