OAIC consumer guides for NDB scheme


By Dylan Bushell-Embling
Tuesday, 20 February, 2018

OAIC consumer guides for NDB scheme

With Australia’s Notifiable Data Breach legislation due to come into effect on Thursday, the Office of the Australian Information Commissioner (OAIC) has published two new guides to inform the public of what steps to take if they are informed of a breach.

The new guides include information on what to expect when receiving a data breach notification, including when a privacy complaint can be made to the OAIC.

A separate guide contains tips on reducing the risk of harm incurred after a breach, such as tips on combating harm that may result in breaches involving financial or contact information, and steps to take when consumers suspect they may be victims of identity fraud.

The guidelines were developed in consultation with consumer groups, non-profits and Australian government agencies.

The OAIC has also previously published resources for organisations to use to ensure they implement the requirements of the NDB scheme.

“The Notifiable Data Breaches scheme formalises a longstanding community expectation to be told when a data breach that is likely to cause serious harm occurs,” Australian Information Commissioner Timothy Pilgrim said.

“The practical benefit of the scheme is that it gives individuals the chance to reduce their risk of harm, such as by resecuring compromised online accounts. The scheme also has a broader beneficial impact — it reinforces organisations’ accountability for personal information protection and encourages a higher standard of personal information security across the public and private sectors.”

He said a survey conducted last year found that around 95% of Australians believe they should be told if a business or government agency loses their personal information.

Under the Notifiable Data Breach regime, all government agencies and organisations that are governed by the Privacy Act will need to inform individuals affected by a data breach that is likely to cause serious harm. Failure to comply can attract fines of up to $2.1 million.

Follow us and share on Twitter and Facebook

Related Articles

Enterprise AI isn't autopilot: it's cruise control that CISOs need to steer

AI is advancing at such a rapid rate that CISOs need to keep their eyes on the road and hands on...

Why Macs could become an Achilles heel for businesses in 2025

As Macs continue to gain traction in the corporate world, their appeal to cybercriminals will...

Building a critical infrastructure security dream team

Today it's essential to have a strong cyber strategy, with all corners of the business aware...

Content from other channels on our network

Victorian Government awards Motorola $500 million comms contract

Genetec launches Cloudrunner in A‍NZ

Driving AI innovation and scale with high‍-‍capacity Ethernet

Audit finds agencies ramped up AI in 2024 with no policies in place

Fortinet opens new Australian headquarters

Motorola to maintain Vic's Metropolitan Mobile Radio network

Tait Communications acquires video tech company m-View

Comms Connect NZ seeks your stories for its 2025 conference program

Govt moves to legislate better protections for telco consumers

WA Govt boosts mobile coverage at regional surf beaches

Draft rule to reduce risk of power outages

AI plus Wi-Fi makes smart homes smarter

Schneider Electric boosts cybersecurity with Nozomi Networks

Why engineering is critical to meeting Australia's climate targets

Street-side EV charging gets a $2.4m boost

  • All content Copyright © 2025 Westwick-Farrow Pty Ltd