In this update, Stephens Lawyers & Consultants provides an overview of the compensation awarded in privacy breach determinations made during October 2022 – July 2024 by the OAIC and some of the factors it took into account in awarding compensation and costs.
With long awaited changes to the Privacy Act now imminent, businesses cannot afford to be complacent about privacy compliance.
Read more
The OAIC’s latest Notifiable Data Breaches Report (Jul – Dec 2023) reveals the risk for organisations that outsource the handling of personal information to third party service providers and contractors – as well as risks of retaining personal information for longer than needed. In this Update we review the OAIC’s latest findings and provide guidance on steps an organisation can take to minimise risk and harm and to protect confidential information/data.
Read more
Under Australian Privacy Law, organisations that hold Personal Information must take reasonable steps to destroy or de-identify personal information that the entity no longer needs – or face risks of incurring high penalties and reputational damage. An effective Data Retention and Destruction Policy provides an entity with a clear roadmap to ensure compliance with its obligations at law.
Read more
During the period of 2016 to July 2024, the awards for compensation for privacy breaches in Determinations made and published by the Australian Information and Privacy Commissioner (OAIC) have ranged from about $1,000 to $20,000. In this update, Stephens Lawyers & Consultants provides a review of the OAIC Determinations and compensation awards for privacy breaches made during the period October 2022 to July 2024 – and factors taken into account by the OAIC in making those awards.
Read more
Recent case of ASIC v RI Advice Group Pty Ltd serves as a warning that companies which do not have adequate cybersecurity risk management plans, systems and controls in place are at risk of contravention of the Corporations Law and the Privacy Act which can result in substantial pecuniary penalties. Practical steps can be taken by companies and their directors to reduce these risks.
Read more