Tag archives: scheme

Paying a Cyber Ransom – should you do it?

Ransomware incidents continue to be the most common cyber-related attacks against businesses. Ransomware is a type of malware that blocks access to a computer system (or threatens to release data) until or unless a sum of money is paid (often in Bitcoin). When a ransomware attack strikes, it can have an immediate and debilitating effect … Continue reading

OAIC releases 12-month data breach scheme report – encourages entities to move beyond compliance

The Office of the Australian Information Commissioner (OAIC) this week released its 12-month Insights Report for the Notifiable Data Breach (NDB) Scheme (Report).  The Report shows trends and noteworthy statistics from 1 April 2018 to 31 March 2019, reporting an uptick in notifications and identifying the most common cyber trends leading to a requirement to … Continue reading

Privacy Shake-Up – Tougher Penalties and More Funding

What’s happened? The Australian Attorney-General’s department has announced a proposed new regime that would make changes to the Privacy Act 1988 (Cth) (Act). The proposed changes would see a significant expansion of the powers afforded to the Office of the Australian Information Commissioner (OAIC), particularly with respect to the scope of penalties that may be … Continue reading

Cyber Risk, Data Breaches and the NDB Scheme – What are the Australian Privacy Commissioner’s range of powers?

The Notifiable Data Breach Scheme (NDB Scheme) came into force on 22 February 2018, resulting in various changes to Australia’s privacy law. In previous posts, we have considered: the nature and contents of notification statements; how to identify which data breaches need to be notified; the steps to be taken when an organisation suspects a … Continue reading

Data breach of jointly held information: who is responsible?

The Notifiable Data Breach Scheme (NDB Scheme) came into force on 22 February 2018, resulting in various changes to Australia’s privacy law.  In previous posts, we have considered the nature and contents of notification statements, how to identify which data breaches need to be notified, and the steps to be taken when an organisation suspects … Continue reading

Suspicious of a data breach? You’ve got 30 days to finish your assessment

The Notifiable Data Breach Scheme (NDB Scheme) came into force on 22 February 2018, resulting in various changes to Australia’s privacy law. In previous posts, we have considered the nature and contents of notification statements, and how to identify which data breaches need to be notified. Those posts set out the notification requirements where an … Continue reading
LexBlog