Why businesses should have a privacy audit before February 22

On February 22, the government’s mandatory data breach notification scheme will come into effect. The scheme requires organisations to notify the Office of the Australian Information Commissioner (OAIC) and the affected individual if the organisation experiences a data breach that compromises personal information and is likely to cause serious harm. Failing to comply with the scheme could result in heavy fines as well as the less-tangible loss of customer faith.

All businesses subject to the Privacy Act need to comply with the new scheme. This includes government organisations as well as businesses and not-for-profits with an annual turnover of more than $3 million. If these businesses can demonstrate to customers that they are working hard to protect their privacy, then customers are more likely to remain loyal and it will be easier to attract new customers.

Some organisations may already have all the right measures in place to comply with the scheme. For others, there may be weak spots in the organisation’s security approach or technologies that make a data breach more likely. Prevention is definitely better than cure in this case, so it’s important for organisations to focus their efforts on making sure they minimise the risk of a data breach through a data audit.

There are five key steps businesses should take to prepare for the mandatory data breach notification scheme:

  1. Confirm whether the business is subject to the scheme.
  2. Know what types of information the business’s systems hold.
  3. Put security controls in place to appropriately protect data based on its confidentiality or sensitivity.
  4. Put measures in place to detect potential breaches.
  5. Develop a response plan to effectively react if a data breach is suspected.

To help businesses prepare for the mandatory data breach notification scheme, we are offering a comprehensive privacy audit. We’d recommend that everyone checks to see how their organisation stacks up and, if need be, takes appropriate steps to plug any gaps. Such an audit will give business leaders confidence that their company is ready to comply with the new legislation.

Jason Akkari, Security consultant, Aleron