Aussie firms unprepared for Privacy Act changes
Up to three in five Australian organisations are unprepared for changes to the Privacy Act coming into effect this month, leaving themselves liable to fines and penalties, a new report asserts.
The report from Galaxy Research, commissioned by Iron Mountain, shows that as of December less than one fifth of organisations had taken any action to prepare for the Privacy Amendment Act.
A survey of 101 Australian executives in charge of their companies' information security also suggests that only 54% of organisations have evaluated the law's impact on their business, and 17% were completely unaware of the amendment.
The amendment takes effect on 12 March. It will require organisations to have compliant privacy policies and procedures, specific to the company, in place by this time. The amendment also classifies a wider range of information as personal information.
Organisations deemed to not be in compliant with the new regulations face penalties as high as $1.7 million.
The survey also shows that more than 70% of respondents believe that the risks associated with the management of information are greater than ever.
Organisations with an information risk officer are on average twice as likely to be in the process of making changes to comply with the new amendment than those who don’t. They are also twice as likely to be aware of the draft legislation covering mandatory data breach notification.
“Many of the findings of the study confirm what we have suspected to be the case for some time,” Iron Mountain Australia managing director Greg Lever said. “While organisations are coming to recognise the importance of information as a source of competitive advantage, too many are either unaware or simply not ready for the challenges of today’s information landscape.”
Too much of a good thing: Australia's cyber overlap issue
Recent research indicates many organisations may have too many security systems with overlapping...
The true cost of cyber attacks
The average annual expense of recovering and dealing with cyber attacks has surpassed AU$4.1...
Tackling the human element in modern authentication: the phishing-resistant user
Integrating human-centric cybersecurity strategies is not merely an option but a necessity in...