A statement like 'the world is a changing place' or the fact that we're relying more and more on technology won't be shocking to anyone. Anyone with a smartphone (which is almost everyone) will flock to promises of "free Wifi" and a lot of business are making the move into the cloud. But as technology improves and our reliances increases, what is our exposure to cyber threats?
But have you wondered recently, how secure is the information your business collects online?
What would you do if the security of that information was breached?
The federal government has thought about this question a lot. Changes have been implemented in Australian Privacy Laws and whether you’ve thought about them or not, they may impact you and your business.
2018 Changes to Australian Privacy Laws
As of 23 February 2018, changes to privacy laws has meant a shift from voluntary reporting to mandatory reporting for some businesses. Depending on the breach, individuals could be looking at fines of up to $420,000 and companise up to $2,1000,000 where serious or repeated non- compliance is discovered.
This means a lot of things for businesses. It means making sure you have the right cyber-security protection in place to protect any personal and sensitive information you hold.
It also means knowing what your obligations are, when they arise and what you need to do. Taking a little time now could mean saving you and your business a lot of time and cost further down the track.
What do I need to know?
Protecting yourself, your business and your customers or clients means knowing what the changes to the privacy laws mean and making sure you privacy policies and practices are up-to-date.
The changes to reporting requirements aren’t going to effect everyone, a lot is going to depend on what type of information you hold. If you collect or hold medical or financial information, you need to give a serious consideration to how secure that information is. The key to mitigating risk in a date breach and ensuring you’re meeting regulator requirments means the right person in your business knowing what they have to do and when.
Know your obligations if:
- a laptop or USB is lost or stolen
- your employees access or give out information without authority
- if information is given out to the wrong person or organisation
With up-to-date policies and procedures, you’re going to be able to identify when there is a likely risk of serious harm. That is where GLG Legal can help you.
Privacy obligations are not the same across the internet and you need the right policies and procedures for your business and the information you collect. That’s where we come in.