Malicious or criminal attacks and human error continue as the major cause of notifiable data breaches reported the OAIC during the 6 month period to 31 December 2022 according to the OAIC Notifiable Data Breach Report-July-Dec 2022. This Update includes a summary of some key findings and statistics contained in the Report as well as steps which organisations can take to minimise the risk and harm of privacy data breaches.Read more
Recent awards of damages by courts for online defamation continue to serve as a warning to reviewers, bloggers, influencers and business competitors that care should be taken to ensure that the content posted online is factually correct and not defamatory. A Gold Coast cosmetic surgeon was recently awarded $420,000 in damages for false reviews made by a business competitor.Read more
Recent case of ASIC v RI Advice Group Pty Ltd serves as a warning that companies which do not have adequate cybersecurity risk management plans, systems and controls in place are at risk of contravention of the Corporations Law and the Privacy Act which can result in substantial pecuniary penalties. Practical steps can be taken by companies and their directors to reduce these risks.Read more
Cloud Based Computing Services – What are the data security risk management and legal issues for users?
Understanding the risks and legal issues associated with using cloud based computing services is critical for risk management and protection of an organisation’s data and related intellectual property and to minimise the risk of business disruption.Read more
Confidential Information/Trade secrets are the most valuable assets of many organisations and this data is potentially exposed to greater risk of unauthorised access, disclosure or use, with employees working remotely and using video conferencing services. Remote workplaces also give rise to increased security risks associated with privacy breaches. This article offers steps for consideration by agencies and organisations which use video conferencing, to help them manage and minimise the risk of data security breach and to protect their confidential information/trade secrets and ensure compliance with privacy laws.Read more