Australia’s Privacy Act 1988 has lagged that of the European Union, the United States and several other countries for some time. The Australian Government lead by the Attorney General Mark Dreyfus, has proposed significant changes including individual rights modeled on GDPR such as the right to request to erasure and notification of data breaches to the OAIC within 72 hours. The proposal has been accelerated by the high-profile data breaches in Australia in 2022 where Personal Information and Sensitive Data belonging to millions of Australian citizens was exposed to risks of identify fraud and scams.
Australia is moving in the right direction in regards to rights of individuals and the requirements of businesses to comply with new legislation. In relation to security of privacy data, retention vs destruction of personal data and notifiable data breaches, the report states that ‘recent large scale data breaches have highlighted the vast amounts of personal information that is collected and retained by entities, and the need for entities to put in place stronger protections to prevent unauthorised access to Australian’s information. The best way to protect personal information is for entities to minimise the amount of personal information they collect and retain.’
Talk to us at DataBench to understand how we can support your business in all aspects of personal data security, retention/destruction, data breach prevention and automation of compliance to the Australian Privacy Principles.
For full details of the news breaking story, please click here.