Malicious or criminal attacks and human error continue as the major cause of notifiable data breaches reported the OAIC during the 6 month period to 31 December 2022 according to the OAIC Notifiable Data Breach Report-July-Dec 2022. This Update includes a summary of some key findings and statistics contained in the Report as well as steps which organisations can take to minimise the risk and harm of privacy data breaches.
Read more
Increasingly the ACCC is involved in technology disputes, either taking court enforcement proceedings against digital platforms and technology companies or intervening in private litigation commenced by affected parties. This review of recent technology cases provides useful insights for businesses and consumers into emerging trends and the related risk management.
Read more
Recent case of ASIC v RI Advice Group Pty Ltd serves as a warning that companies which do not have adequate cybersecurity risk management plans, systems and controls in place are at risk of contravention of the Corporations Law and the Privacy Act which can result in substantial pecuniary penalties. Practical steps can be taken by companies and their directors to reduce these risks.
Read more
Risk Management: Data Protection and Privacy Compliance Privacy compliance and data breach risk management is too often not taken seriously by Australian organisations. The complexity of organisational structures and IT business systems in many instances results in management not knowing what data is collected by whole of business and how the data is managed and… Read More
Read more