Notifiable data breaches scheme

Tuesday 16 January

Members are reminded that the Privacy Amendment (Notifiable Data Breaches) Act 2017 that applies from Thursday 22 February makes it mandatory for businesses to report certain data breaches.

Under the Notifiable Data Breaches (NDB) scheme, businesses need to notify individuals and the Australian Privacy Commissioner in the case of ‘eligible data breaches’ which are likely to result in serious harm to the individual.

For guidance on what constitutes an eligible data breach, what ‘serious harm’ means, and the notification process, download CPA Australia's IT checklist for small business (PDF)

Find out what a data breach would mean for your business.