Australian Companies are Forced by Law to take Better care of their Security
In a try to prevent and diminish data from being incorrectly leaked from organisations, the Australian Labour and Liberal parties proposed a mandatory data breach notification scheme which went into effect on the 22nd of February 2018. According to this, organisations will have to report eligible data breaches or lost data to the Privacy Commissioner as soon as they become aware of the situation. Even more, they will also have to notify affected customers by publishing a statement on their company website.
The law is also affecting companies that want to store data offshore using Cloud based services such as G Suite & Office 365 so, if you want more details on this topic, take a look at the article we wrote a while back on data Privacy Laws.
The main objective of this newly-passed law, is to bring awareness to the organisations that hold and handle personal data. It is also an attempt of holding accountable the entities that don’t attend to their security needs. Sadly, many businesses don’t invest in their cyber security and employ bad practices, thus allowing hackers and ill-intentioned people to breach and steal sensitive data bases. The new law forces business owners to care more about security - otherwise, in the case of a breach, they risk ruining their reputation in front of customers and collaborator and getting a large fine.
The law requires companies and government agencies to first take preventive measures by increasing and improving their security and second, to report breaches. This way, both individuals and companies will be protected against cyber attacks and they will have the opportunity to establish a level of trust that is required for a good business flow.
This law will have a powerful effect on government agencies and organisations with a turnover of $3 million per year and above. The entities that will refuse to comply will face penalties of up to $360,000 fines for individuals and $1.8 million for organisations and their reputation will be forever affected.
Read the legislation here https://www.legislation.gov.au/Details/C2017A00012
What’s the next step?A good starting point is to make sure your IT security is at a very high level. The Australian govenment has put together a list of recommended IT security standards for organisations to have in place, which is called “The Essential Eight”. It may be difficult for a non IT savvy person to understand this and see if they are compliant or not. So its best to get an IT Security expert or IT Managed Services Provider to perfrom an IT security review for you. Otherwise Onsite Helper can help you with improving and creating a powerful security system that will fit your budget and your needs. Even more, we’re offering a free onsite or remote IT security assessment that will let you know if your business is safe against data breaches (just fill in the contact form to the right, and a specialist will get in touch).
We recommend giving us a call as soon as possible because it takes a fair amount of time to implement fixes and changes, even for a small IT system. After all, it’s in the best interest of your image to run a business without any security holes!
Just imagine: if the worst thing happens and you do get breached, having to notify all your customers and the authorities would be detrimental to your image as a trustworthy business!