Volume: 14 Issue: 3
gilbert + tobin lawyers
On 13 February 2017 the Australian Federal Parliament enacted the Privacy Amendment (Notifiable Data Breaches) Act 2017, inserting mandatory data breach notification requirements into the Privacy Act 1988 (‘the Privacy Act’). These provisions will replace the voluntary data breach notification guidelines as currently administered by the Office of the Australian Information Commissioner (‘OAIC’) and require entities subject to the Privacy Act to notify the OAIC and affected individuals, if the entity experiences a data breach of a kind covered by the Data Breaches Act. Peter Leonard, Partner at Gilbert + Tobin Lawyers, reviews the new requirements below.