Cybersecurity Update

This fortnight’s Cyber Security newsletter is about why it’s important to know about privacy. Please note that the information below does not constitute legal advice and we encourage you to seek your own legal counsel for further clarification; the information we provide here is intended to guide you on legislative considerations from a cyber security perspective.

Let’s take four practical points from the Privacy Act;

  • The Privacy Act 1998 (Cth) applies to almost all businesses where turnover >$3M p.a. and any health or credit service provider
  • Defines ‘personal information’ as any information or opinion about an identifiable or reasonably identifiable individual
  • More stringent rules for ‘sensitive information’ (including information about health, race and other sensitive issues) and credit information
  • Specific rules for Tax File Numbers, exemptions for records about employees

In fact, many people have important information that they would prefer to keep private. This might include their Tax File Number, medical history, personal financial records.

If you’re a business owner, it’s likely that you will have a great deal of personal information about you, your staff, your customers, or even others, stored conveniently on your computer systems.

If the information you store is ever compromised, such as through theft, loss, ransomware, accidental sharing and the like, it’s worth considering the possible impacts of the Privacy Act on you and your business, let alone other legislation such as Notifiable Breach and soon, Critical Infrastructure (we’ll cover this in future newsletters).

Therefore it’s vital that you do everything you can to think about your current cyber security position and at least understand your risks and how to deal with them. That’s where we can help you.

Do you feel that you, your business and your data may be at risk given the points above? If so, please feel free to contact us for a further chat.