OAIC Releases Latest Report on Notifiable Data Breaches – Privacy Risk Management Update

Malicious or criminal attacks and human error continue as the major cause of notifiable data breaches reported the OAIC during the 6 month period to 31 December 2022 according to the OAIC Notifiable Data Breach Report-July-Dec 2022. This Update includes a summary of some key findings and statistics contained in the Report as well as steps which organisations can take to minimise the risk and harm of privacy data breaches.

Read more

Damages for Online Defamation – Recent Cases – 1 March 2022 to 1 December 2022

Recent awards of damages by courts for online defamation continue to serve as a warning to reviewers, bloggers, influencers and business competitors that care should be taken to ensure that the content posted online is factually correct and not defamatory. A Gold Coast cosmetic surgeon was recently awarded $420,000 in damages for false reviews made by a business competitor.

Read more

Do companies require a cybersecurity risk management plan, under Australian law?

Recent case of ASIC v RI Advice Group Pty Ltd serves as a warning that companies which do not have adequate cybersecurity risk management plans, systems and controls in place are at risk of contravention of the Corporations Law and the Privacy Act which can result in substantial pecuniary penalties. Practical steps can be taken by companies and their directors to reduce these risks.

Read more

Protecting Confidential Information and Personal Data during COVID-19 – (April 2020)

Confidential Information/Trade secrets are the most valuable assets of many organisations and this data is potentially exposed to greater risk of unauthorised access, disclosure or use, with employees working remotely and using video conferencing services. Remote workplaces also give rise to increased security risks associated with privacy breaches. This article offers steps for consideration by agencies and organisations which use video conferencing, to help them manage and minimise the risk of data security breach and to protect their confidential information/trade secrets and ensure compliance with privacy laws.

Read more