
How data security could help you avoid NDB breach reporting

26 Mar 18

Australia’s Privacy Amendment (Notifiable Data Breaches) Act 2017 scheme rolled out on February 22, and Europe’s GDPR is just a couple of months away on May 25.

It’s likely that the number of reported data breaches will increase this year as customers’ data security becomes one of the most important developments of the 21st century.

Organisations that lose customers’ financial and sensitive data as a result of breaches are likely to lose 67% of their customer base, according to Gemalto's 2017 Data Breaches and Customer Loyalty report. To keep that loyalty, organisations must demonstrate that they are actively protecting their customer data.

Australian public sector agencies, health service providers, private sector firms with an annual turnover of more than $3 million, some small businesses and non-government organisations must comply with the Privacy Amendment (NDB) Act.

But not all data breaches require notification if certain data security methods have been put in place.

When appropriate security controls like data encryption and centralised key management are part of those security methods, and customer data is kept safe, organisations don’t need to notify customers.

Courtesy of Gemalto, the NDB has been stripped back to the facts you need to know.

  • What is the Australian Privacy Amendment (Notifiable Data Breaches) Act 2017?
  • Why was it created?
  • What does your organisation need to do to comply?

If you don't find the answers soon, you may face substantial penalties including fines, lost customers and increased risk of future data breaches.
