New Data Breach Laws

Recent changes to Australia’s privacy laws now require businesses to report data breaches or risk a heavy fine. A data breach occurs when personal information held by a business is lost or subject to unauthorised access or disclosure.

The new “Notifiable Data Breaches” scheme (NDB) of the Privacy Act will apply to all organisations (including small businesses) covered by the Australian Privacy Act 1988. It establishes new reporting requirements of eligible data breaches to authorities and also members of the public. This means that if an organisation believes or is aware that data has been compromised, they must notify the Office of the Australian Information Commissioner (OAIC) and to those people whose public information has been exposed.

If a data breach occurs, the obligation to notify will generally involve preparing a statement containing required information about the breach, providing this statement to the OAIC and notifying the affected individuals. If the business only suspects that a data breach has occurred, notification is not immediately required, however an investigation into the relevant circumstances should be completed within 30 days.


So, what should your business do now?

  • Review the useful guide prepared by the OAIC explaining the requirements of the new scheme. This will help to ensure you are aware of the new scheme and what it means for your business.
  • Prepare a Data Breach Response Plan (or update an existing plan) to ensure that your business is ready and able to respond to any future data breaches whilst complying with the new scheme.
  • Review your current information security arrangements. Are they up to date and sufficient to protect any personal information your business is holding?


The NDB scheme began on February 22 and only applies to eligible data breaches that occurred on or after that date.

For advice regarding the new Notifiable Data Breaches scheme, please contact us on (08) 9316 9896 or



More Posts

How Are You Managing Your Farm's HR

How Are You Managing Your HR?

The recent election of the Labor government is likely to lead to significant employment and industrial relations changes. With the new government, I anticipate several

Industrial Manslaughter Imprisonment

Industrial Manslaughter Imprisonment

Businesses should now be aware of Western Australia’s new Work, Health, and Safety (WHS) legislation and the implications concerning workplace deaths and industrial manslaughter.  If

Contact us for help

Contact Us

Start your HR or Safety assessment for your business

Treat yourself

Let Us Take Care Of You

Copyright © ProcessWorx 2022

marisa ross team photo

Marisa Ross

HR Advisor

Marisa is an experienced and motivated HR professional with a strong HR generalist and business operations background with a focus on employee relations, performance management, leadership training & development, workers compensation & injury management, and employee retention. Marisa holds a Bachelor of Human Resource Management and a Bachelor of Behavioural Science with a minor in Counselling. Having worked in a variety of industries from SMEs to large blue-chip organisations, Marisa is passionate about enriching employee experience, employee retention, and building leadership capability in people management.

Aimee Grigson

Aimee Grigson

WHS Advisor

Aimee has a strong understanding of Workplace Health and Safety Legislation and standards and has extensive HSEQ experience in a number of industries. Aimee has a great ability to engage across all levels of organisation, including field teams, leadership and external stakeholders. Aimee ensures Health and Safety Management Systems are compliant to legislation, effectively implemented and understood by all. Aimee has a Certificate IV in Work Health and Safety and qualifications in auditing and incident investigations. Aimee is passionate about coaching and developing small businesses towards a positive safety culture.