Privacy Commissioner releases data breach guide

By

When facing up to a data breach, first contain it then evaluate the associated risk, says the Office of the Privacy Commissioner which released a new guide on handling breaches, today.

Privacy Commissioner releases data breach guide
Contain a data breach incident then evaluate the associated risk, says the Office of the Privacy Commissioner.

As part of the National Privacy Awareness Week, which kicked-off yesterday, the Privacy Commissioner Karen Curtis released a guide which lists steps that can be taken in case of an incident; in preventing and if necessary, responding to a data breach.

The 41-page document details four key steps: the first, to contain the breach and do a preliminary assessment followed by evaluating the risk associated with the breach.

In step three, organisations should consider the notification of affected individuals where a breach creates a real risk of serious harm to the individuals.

Step four advises organisations to prevent further breaches.

The guide, titled the ‘Guide to Handling Personal Information Security Breaches’ is available for voluntary use by businesses, agencies and non-government organisations.

According to Curtis, "While the Guide is voluntary, it represents good practice in handling breaches, and I would urge all organisations and agencies to read it and consider its use."

Curtis said the Guide was developed following extensive consultation with a range of stakeholders.

A recommendation to the government by the Australian Law Reform Commission earlier this month said the Privacy Law should be amended to include a mandatory data breach legislation in cases of serious harm.

National Privacy Awareness will runs between 24-30 August.
Got a news tip for our journalists? Share it with us anonymously here.
Tags:
breachdatasecurity

Sponsored Whitepapers

Leverage Technologies: Industry-Tailored ERP Implementation for Growth and Compliance
Leverage Technologies: Industry-Tailored ERP Implementation for Growth and Compliance
Service Over Signatures: The Truth About No Lock-In IT
Service Over Signatures: The Truth About No Lock-In IT
Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Protect APIs. Protect Your Business.
Protect APIs. Protect Your Business.

Events

Most Read Articles

CBA using facial recognition logins to verify disputed payments

CBA using facial recognition logins to verify disputed payments
Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"
SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy
Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?