Privacy Compliance Update – Privacy Bill passed. Are you prepared for the changes?

On 29 November, 2024 amendments to the Australian privacy law made by the Privacy and Other Legislation Amendment Bill 2024 (the ‘Bill’) passed and came into effect on 11 December 2024 (the day after receiving Royal Assent). In this Update we provide an overview of some of the key changes arising from the Bill, together with guidance on steps that businesses can consider taking now to prepare for the changes and privacy law compliance generally.

Read more

Compensation for Privacy Breaches (Oct 2022 to July 2024) – Privacy Law Update

In this update, Stephens Lawyers & Consultants provides an overview of the compensation awarded in privacy breach determinations made during October 2022 – July 2024 by the OAIC and some of the factors it took into account in awarding compensation and costs.
With long awaited changes to the Privacy Act now imminent, businesses cannot afford to be complacent about privacy compliance.

Read more

Risk Management: Data Protection and Privacy Compliance – April 2024 Update

The OAIC’s latest Notifiable Data Breaches Report (Jul – Dec 2023) reveals the risk for organisations that outsource the handling of personal information to third party service providers and contractors – as well as risks of retaining personal information for longer than needed. In this Update we review the OAIC’s latest findings and provide guidance on steps an organisation can take to minimise risk and harm and to protect confidential information/data.

Read more

The Risk of Data Retention – Why Your Organisation Needs a Data Retention and Destruction Policy

Under Australian Privacy Law, organisations that hold Personal Information must take reasonable steps to destroy or de-identify personal information that the entity no longer needs – or face risks of incurring high penalties and reputational damage. An effective Data Retention and Destruction Policy provides an entity with a clear roadmap to ensure compliance with its obligations at law.

Read more

Compensation for Privacy Breaches Determined by the Australian Information and Privacy Commissioner – Oct 2022 to July 2024

During the period of 2016 to July 2024, the awards for compensation for privacy breaches in Determinations made and published by the Australian Information and Privacy Commissioner (OAIC) have ranged from about $1,000 to $20,000. In this update, Stephens Lawyers & Consultants provides a review of the OAIC Determinations and compensation awards for privacy breaches made during the period October 2022 to July 2024 – and factors taken into account by the OAIC in making those awards.

Read more