New mandatory data breach notification requirements

Under the new requirements, entities that are bound by the Privacy Act 1988 will be obliged to notify the Privacy Commissioner and affected customers of any "eligible data breach" as soon as practicable after becoming aware of the occurrence. Where an APP entity merely suspects that its data has been breached, it will have 30 days to conduct an investigation before it must report.

In this eBulletin we look at what makes an "eligible breach" and what you should do if your business is bound by the Privacy Act 1988.
 Read more...

Data Retention Laws Pass the Senate

On Thursday 26 March 2015, the controversial data retention or 'metadata' law was passed by the Senate with bipartisan support. In this eBulletin, we flag some important implications of these new laws in relation to privacy obligations and the imminent arrival of a mandatory data breach notification scheme.  Read more...

Protecting your image online: How to stop unauthorised use and disclosure

In this eBulletin, we consider the legal protections of copyright, privacy and defamation, and the options available to you if you find your image or photographs being used online without your permission.  Read more...

Privacy Principles Tested - How does your organisation measure up?

Since the introduction of the new Australian Privacy Principles in March this year, various industries have speculated as to which sector might be the first to go under the Privacy Commissioner's microscope. In this eBulletin we look at the Commissioner's recent assessment of a healthcare provider, and provide practical tips on how to ensure organisations in a variety of industries remain compliant with the privacy laws.  Read more...

Privacy Act reform – significant changes ahead

The Privacy Amendment (Enhancing Privacy Protection) Bill 2012 (Bill) has recently been passed by both houses of Parliament and is now awaiting royal assent.  Read more...

Are you prepared for the Privacy Reforms? We outline the key changes

Late last year the government passed amendments to the Privacy Act 1988 (Cth), implementing changes to Australian privacy law in a number of areas. These changes take effect from 12 March 2014 and will have a significant impact on the way Commonwealth agencies and private sector organisations collect and deal with various forms of personal information.  Read more...