Are Australian legal firms prepared for a data breach program?

The prominent rise of hackers accessing large corporate data sources has created a completely different landscape for the data security industry. In response to this, the Federal Government has released an exposure draft of new mandatory data breach notification laws that will form part of the Privacy Amendment (Notification of Serious Data Breaches) Bill 2015.

Originally earmarked to be implemented in the first half of 2016, these new laws are still in review; however, they will mandate that any business, corporation, or government organisation must report the loss or theft of data that originates with them.

This will mean that it is the entity’s responsibility to not only secure their data, but also maintain an increased level of communication with those whose data they have collected. The essential goal of this mandatory reporting legislation is to avoid data breaches and to mitigate and limit the negative impacts when data is lost or stolen.

In the 2016 Cost of Data Breach Study: Australia by the Ponemon Institute, it was found that the average total cost of a data breach is $2.64 million while the average cost per lost or stolen record is $142. In fact, Jones Day have warned that Australian companies need to craft and implement data breach programs now to avoid the increased risk of aggressive litigation.

The key steps for Australian businesses to be prepared are to:

  • regularly review and strengthen their IT and data security systems, policies, and procedures, and
  • prepare for how they would report a potential data breach to authorities and customers.

“In particular, businesses should review [or, if not already in place, develop] risk management and compliance policies and procedures to both prevent data breaches and deal with them, in the unfortunate but increasingly likely event that they occur.” Adam Salter, Partner in Jones Day’s Cybersecurity, Privacy and Data Protection practice.

Privacy activists have been calling for these legislative updates for many years in order to effectively track the threat to personal data and identity theft that is becoming more widespread.

By collecting the sensitive information of their customers, every organisation needs a trusted security partner that can guarantee their data will maintain its confidentiality.

Compu-Stor provides the highest level of assurance by employing the world’s leading technologies and systems for data storage and security. Outsourced data security, provided by Compu-Stor in our state-of-the-art facilities, is the leading systematic method of ensuring that your consumers’ information stays exactly where it is intended – under your secure control.