Data breach notification scheme – what you need to know



5th March 2018

On 22nd February 2018, an amendment to the Privacy Act known as the Privacy Amendment (Notifiable Data Breaches) Bill came into effect. Failure to comply with the amendment can result in significant fines. 


What does it mean for my business?

The Bill applies to any organisation with an annual turnover greater than $3m. These organisations are now required to advise the Office of the Australian Information Commissioner (OAIC) and any affected individuals of an ‘eligible’ data breach.

AccountantsIQ considers it to be a good idea for all accountants to be aware of the issue and have a strategy for assessing, managing and containing data breaches. 


What is an ‘eligible’ breach?

An eligible data breach occurs when a reasonable person would conclude that access to or disclosure of information is likely to result in serious harm to any individual to whom the information relates. Circumstances where this might arise include:

  • Unauthorised access to or disclosure of information, such as a database being hacked or information being disclosed in error.
  • Loss of information in a situation where unauthorised access or disclosure is likely to occur.


What can I do?

If you do not yet have a data breach response plan in place, we may be able to assist with a package that enables you to meet the new requirements and includes:

  • Response plan
  • DBN Register
  • Notifiable Data Breach Checklist

Submit your details to contact us. You can also join the AccountantsIQ community on LinkedIn to stay up to date with our latest information.
