1 in 5 Aussie SMEs haven't heard of NDB scheme
Nearly one in five (19%) Australian SMBs have not heard even heard of the Australian Notifiable Data Breach scheme, and one in four have not heard of the EU’s General Data Protection Regulation.
These are among the key findings of the latest HP Australia IT Security Study (PDF), which also found that 51% of SMBs do not have policies in place that would meet their obligations under the new laws to protect against data breaches.
Even among the SMBs aware of the new legislation, there is confusion over its scope, according to HP South Pacific Interim Managing Director Paul Gracey.
“There is a misconception among many SMBs that the NDB does not apply to them. In reality, the threshold is much lower than the $3 million in annual turnover that is often referenced,” he said.
“For example, if you hold tax file numbers (and that TFN is involved in a data breach) or you hold health information and provide a health service, such as GPs, pharmacies and even childcare centres, your business would also fall under the scheme.”
The consequences for noncompliance are even steeper due to the growing awareness of privacy matters among the public in the wake of a series of recent high-profile data breaches.
Nearly half (46%) of Australian SMBs surveyed for HP’s report stated that their customers are increasingly opting out of data collection and sharing. And 67% of business owners themselves stated that they are uncomfortable with other businesses storing their personal data.
Yet business owners are increasingly relying on customer data to inform the development and launch of new products and to deliver more targeted sales and marketing. The survey found that 49% of SMBs believe that access to customers’ personal information is essential to their day-to-day business operations.
“The past year has seen a number of high-profile data breaches, which has no doubt increased consumer wariness around how businesses collect, use and store their personal data,” Gracey said.
“In a climate where most Australians have some nervousness around maintaining their privacy, SMBs need to be extra diligent in maintaining their role as trusted custodians of a customer’s most personal information.”
Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.
Information Technology Professionals Association (ITPA) is a not-for-profit organisation focused on continual professional development for its 18,700 members. To learn more about becoming an ITPA member, and the range of training opportunities, mentoring programs, events and online forums available, go to www.itpa.org.au.
Govt unveils code of practice to boost IoT security
The Australian Government has released a code of practice for IoT devices like smart televisions...
Career opportunities booming in RPA
UiPath has revealed that the COVID-19 pandemic has increased demand for robotic process...
Magento 1 still in wide use despite reaching end of life
Adobe has issued the final patches for version 1 of the popular e-commerce platform Magento, but...