In our recent presentation, E-Commerce Expectations, we discussed the importance of data breach notification: the practice of notifying customers or clients when personal and sensitive information about them, collected and stored by your business, has been breached by an unauthorised party.
There are currently no Australian laws that require a business to notify customers of a data breach; however, many businesses opt to provide voluntary notices of data breach.
Attempts to introduce mandatory data breach notification laws have been unsuccessful in recent years, with the Privacy Amendment (Privacy Alerts) Bill 2013 lapsing in parliament. The bill was reintroduced in 2014 as a private Senator’s bill; however, it has met some opposition with regard to its implementation.
The Government announced earlier this year that it will “introduce a mandatory data breach notification scheme by the end of 2015, and will consult on draft legislation”, in hopes of reaching an agreeable draft of the mandatory data breach notification laws.