The Notifiable Data Breach Scheme (NDBS) is coming into effect on 22nd February 2018.
The law means that most Australian institutions must be able to report a data breach of their IT environment within a 72-hour window.
For large multinational organisations, this will be compounded by the General Data Protection Regulation (GDPR) from the European Union. The GDPR provides a framework for managing and defining enterprise-wide policies, business rules & data assets to provide the necessary level of data protection and quality. It has the power to issue fines of up to 2-4% of global revenue for non-compliance.
In Australia, the NDBS applies to the following Australian Business and TFN holders:
- Australian Government agencies
- All businesses and not-for-profit organisations with an annual turnover of $3 million or more
- Some small business operators, including:
  - All private sector health service providers
  - Those that trade in personal information
  - TFN recipients (if annual turnover is below $3 million, the NDB scheme will apply only in relation to TFN information)
  - Those that hold personal information in relation to certain activities, for example, providing services to the Commonwealth under a contract.
A Notifiable Data Breach is a data breach that is likely to result in serious harm to any of the individuals to whom the information relates.
A data breach occurs when personal information held by an organisation is lost or subjected to unauthorised access or disclosure.
Examples include when:
How can CompNow help your organisation prepare?
Working with key vendors such as Extreme and Sophos, we have the tools to help you combat malicious attempts to violate your IT environment from the edge of your network all the way to the core.
Extreme Analytics can provide you with a never-before-seen view of your network and real-time analytics, making your network safer as it monitors and identifies malicious or unwanted applications that can lead to a data breach. Extreme Analytics can also monitor all aspects of security compliance.
Sophos, with its market-leading synchronised security, XG Appliance and Intercept X, provides the ultimate way to prevent data breaches from the outside world, all seamlessly managed from your Sophos Control Centre to give you unrivalled insight, security and simplicity on any network.