HACKED! Data breach notification becomes mandatory

Currently, if personal information held by your organisation is accessed by or disclosed to an unauthorised party, it is merely voluntary for you to advise affected individuals.  That will soon change if you are covered by the Privacy Act 1988.  The Act generally applies to entities with an annual turnover of $3 million or more.  

Significant changes to the Privacy Act: Is your business ready?

A number of significant changes to the Privacy Act 1988 (Cth) will come into force on 12 March 2014. It is important that businesses ensure that their privacy practices, procedures and systems are reviewed to ensure continuing compliance with the Privacy Act. The changes also give the Information Commissioner greater enforcement powers against non-compliant businesses, including civil penalties of

Consent and the Privacy Act in the ‘Big Data’ era

One of the biggest challenges privacy regulators face is the onset of ‘Big Data’ — the hoovering up of large unstructured datasets for analysis at insanely affordable prices. In amending Australia’s Privacy Act, the Office of the Australian Information Commissioner (OAIC) has studied this trend in detail. But after discussing the Act with a panel of experts

The Privacy Act and the cloud

Australia’s new Privacy Act will come into effect during a period of tremendous turbulence in the technology sector, owing to a surge in subscriptions to cloud computing services. Most of the initial resistance by CIOs to the use of cloud services is dissipating as the weight of opinion swings in favour of the model, spurred

Is your IP address personal information?

After reading up on the amendments to Australia’s Privacy Act over the past month, and hosting a forum with experts on the matter, I can only conclude that the vast majority of Australia’s large organisations will not be fully compliant with the Act upon its introduction on March 12. Late last year, myself and InfoSec

Are you ready for a data request deluge?

The Improbability of Privacy Act Compliance (Part 4) For the past three days I’ve opined as to the reasons why Australian organisations are unlikely to be prepared for the updated Privacy Act come March 12, with emphasis on what constitutes personal data and the impact of the amended Act on cloud computing and big data.