• Menu
  • Skip to right header navigation
  • Skip to primary navigation
  • Skip to secondary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Before Header

Call us now  07 4688 2188

  • Facebook
  • LinkedIn
  • Twitter
  • YouTube

Clifford Gouldson Lawyers

  • About
    • Our Origin Story
    • Our Manifesto
    • Our Future
    • CGLaw COVID Protocol
    • Toowoomba
    • Brisbane
    • Sunshine Coast
  • Careers
  • Community
    • 2021 Artist in Residence Program
  • Contact Us
  • Search
  • About
    • Our Origin Story
    • Our Manifesto
    • Our Future
    • CGLaw COVID Protocol
    • Toowoomba
    • Brisbane
    • Sunshine Coast
  • Careers
  • Community
    • 2021 Artist in Residence Program
  • Contact Us
  • Search

Mobile Menu

  • Our Team
  • Practice Areas
  • Knowledge
  • Events
  • Industries
  • For Individuals
  • Facebook
  • LinkedIn
  • Twitter
  • YouTube
  • Our Team
  • Practice Areas
  • Knowledge
  • Events
  • Industries
  • For Individuals

Only 10 day until major privacy law changes – are you ready and compliant?

You are here: Home / News / Only 10 day until major privacy law changes – are you ready and compliant?

On Thursday, 22 February 2018, new provisions of the Privacy Act 1988 (Cth) will come into effect across Australia. The new sections of the Act will legally compel many businesses to notify customers, clients, users and other third parties of certain data breaches. These changes are referred to as the Notifiable Data Breaches (NDB) scheme.

Are you a:

  • private sector business with an annual turnover exceeding $3m*;
  • private sector business that provides any health services; or
  • private sector business that trades in personal information; or
  • credit reporting body; or
  • employee association; or
  • Australian government department or corporation; or
  • small business that has “opted-in” to the Act?

If you answered “yes” to any of the above you must:

  1. notify a person if:
    • you hold that person’s private information; and
    • there is an unauthorised access, disclosure or loss of that information (a “data breach”); and
    • the data breach is likely to result in serious harm to the person; and
  2. provide the person with advice on the steps they should take (e.g. changing passwords, cancelling credit cards, etc.); and
  3. notify the Australian Information Commissioner.

The Commissioner may provide advice and guidance, and in some circumstances may take regulatory action if the breach is serious enough.

What happens if my business doesn’t comply?

A failure to comply with the scheme will be considered an “interference with the privacy of any individual”. Accordingly, the Commissioner may take such action as:

  • seeking, accepting and enforcing undertakings;
  • making and enforcing determinations;
  • seeking injunctions; and
  • applying to a court for the application of a civil penalty, up to $420,000.00.

What should you do now?

  • review and update your current privacy policies and procedures to ensure that information is collected and handled responsibly and safely;
  • implement data breach policy procedures, in order to assess, remedy and notify data breaches if they occur; and
  • review your current IT and data security policies, procedures and systems, in tandem with your IT provider to ensure the chance of a data breach is kept to a minimum.

Need more information?

The Office of the Australian Information Commissioner provides general information on the scheme, which can be accessed here.

If you are not sure if the legislation applies to you, or you need help becoming compliant before 22 February, Clifford Gouldson Lawyers can provide advice, training and audits in relation to such policies and procedures.

*Certain small businesses with a turnover under $3m may also need to comply with elements of Act, such as those providing services to the Commonwealth (click here for a detailed list).

Previous Post: « When Christmas parties go VERY wrong
Next Post: Project bank accounts commence 1 march 2018 »

Primary Sidebar

We can help

Ben Gouldson

Director

Amanda Tolson

Director

Carly Brailak

Special Counsel

Jacob Bartels

Senior Associate

Lisa Hooper

Lawyer

Tamsyn Harris

Lawyer

Nicola Hayden

Trade Marks Attorney

Sally Fraser

Conveyancing Paralegal

Michelle Price

Paralegal

Tracey Gust

Paralegal

Carol Redgen

Conveyancing Paralegal

Heath Knox

Commercial + Property Paralegal

Lily Bligh

Legal Secretary/Law Clerk

Maddison Klingner

Legal Secretary

Related Alerts

May 31, 2022
I am selling my business, but what about the employees?

Selling or purchasing a business is an exciting milestone in any business owner’s career....

March 17, 2022
Director ID Key Dates

From 1 November 2021, all existing company directors are required to apply for director identification...

March 8, 2022
Off-the-plan contracts:  Is a 4.4% variation enough to rescind?

Most off-the-plan property contracts contain terms that permit a 5% variation in the final...

View other alerts

Footer

Clifford Gouldson Lawyers

CLIFFORD GOULDSON LAWYERS
P: 07 4688 2188
F: 07 4688 2199
mail@cglaw.com.au
  • Facebook
  • LinkedIn
  • Twitter
  • YouTube

Locations

TOOWOOMBA (Head Office)
Level 1, 610 Ruthven Street,
Toowooomba Q 4350

PO Box 8208,
Toowoomba South Q 4350

Toowoomba Office

BRISBANE
Suite 1805, Level 18,
239 George Street,
Brisbane Q 4000

PO Box 12802 George Street,
Brisbane Q 4003

Brisbane Office

 

SUNSHINE COAST
L1, Regatta Corporate Building,
2 Innovation Parkway,
Birtinya Q 4575

Locked Bag 5010
Caloundra DC Q 4551

Sunshine Coast Office

Practice Areas

  • Wills, Estates, Planning + Structuring
  • Workplace
  • Litigation + Dispute Resolution
  • Commercial + Property
  • Construction
  • Intellectual Property
  • Privacy & Disclaimer
  • Terms of Use

Site Footer

CG Law (Trading) Pty Ltd ACN 143 426 028 t/a Clifford Gouldson Lawyers ABN 89 143 426 028 Liability limited by a scheme approved under professional standards legislation..

Copyright © 2022 Clifford Gouldson Lawyers · Privacy & Disclaimer · Terms of Use · Marketing by John Gray Marketing · Site by Kingfisher