Tougher cyber security laws in full force
  1. Home
  2. Data & Security
  3. Tougher cyber security laws in full force
Data & Security

Last updated: 30 / 07 / 18

Tougher cyber security laws in full force

Australian health service providers can no longer withhold information about cyber security breaches, with the Federal Government’s new Notifiable Data Breaches scheme now in full force.

The Privacy Amendment (Notifiable Data Breaches) Act 2017, now brings Australia into alignment with other countries, which have already had the same requirements for years.

The NDB scheme applies to all agencies and organisations, including health service providers, with existing personal information security obligations under the Australian Privacy Act 1988 (Privacy Act).

This includes Australian Government agencies, businesses and not-for-profit organisations with an annual turnover of $3 million or more, credit reporting bodies, health service providers, and TFN recipients, among others.
Under the new NDB scheme, entities have data breach notification obligations when a data breach is likely to result in serious harm to any individuals whose personal information is involved in the breach.

The scheme applies to all kinds of personal and sensitive information. Examples include names, addresses, email addresses, genders, family members, financial information, tax file numbers and medical history.

Federal Attorney General, Christian Porter, stressed data breaches that might increase the risk of serious harm particularly include the release of sensitive information about an individual’s health, Medicare card information, driver’s licences, passport details, or financial information.

He said the new scheme sent a clear message that the Government was taking the security of personal information seriously.

“This means that Australians will know if their personal information has been breached and will be empowered to protect themselves, by being able to act quickly to minimise damage,” he said.

The Australian Information Industry Association (AIIA), has recently welcomed the scheme as a proactive way of tackling cyber security breaches in Australia.

“The AIIA is supportive of the Office of the Australian Information Commissioner (OAIC) and its roll out of the NDB scheme”, AIIA’s CEO, Rob Fitzpatrick, said. “Importantly, the NDB scheme provides a notification that must include recommendations about the steps that should be taken in response to a breach.

Fitzpatrick highlighted the ICT sector has a very central role in helping organisations meet their compliance commitments under the scheme, as well as preventing and remediating data breaches.

“The ability to confidently engage online is a critical foundation of a digital society, and anything that builds confidence for citizens and businesses is an important step forward,” he added.

For more information on how the new NDB Scheme affects the healthcare sector click here.
Free on-demand webinars

Clinical Practice Security Summit 2020

Watch now
Topics
Practice Software You Will Love - Learn More.

Related articles

What is FHIR and why is it important in healthcare?

Data & Security

13 / 03 / 24

What is FHIR and why is it important in healthcare?
Don’t Take Risks with Your Practice’s Data: Keep it Local

Data & Security

26 / 07 / 23

Don’t Take Risks with Your Practice’s Data: Keep it Local
Types of Cyber Attacks & How To Improve Your Practice Security

Data & Security

10 / 07 / 23

Types of Cyber Attacks & How To Improve Your Practice Security
Protect Your Medical Practice Against a Data Breach – Part 1

Data & Security

30 / 06 / 23

Protect Your Medical Practice Against a Data Breach – Part 1
Is your practice prepared for a cyber security incident?

Data & Security

15 / 06 / 21

Is your practice prepared for a cyber security incident?
How to protect your practice from a cyber attack

Data & Security

22 / 04 / 21

How to protect your practice from a cyber attack
Telstra Health Smart Connected Care