Australian data privacy regulations are moving closer to the GDPR, but there are differences with regard to breach notifications, reporting, timeframes, business size applications, and what is clarified as “serious harm.”
They will need to focus on how to enable individuals to control how their personal information is processed and allow them to manage their data.
Australians are completely unaware of how susceptible their personal information is to a cyber attack, according to most participants at The Australian Financial Review and ACS roundtable on Cyber Resilience. Furthermore, just as the federal government continues the rollout of its My Health Record digital health scheme, health is the one sector that continues to see the most data breaches here and overseas. According to the Office of the Australian Information Commissioner (OAIC), out of a total of 242 breach notifications from April 1 to June 30 this year, 49 were reported by the health sector. This was also reflected in Chubb Insurance's global claims data report, which tracked the number of cyber incidents over the last decade. Chubb's report found that 38% of cyber incidents occurred in the health sector, with professional services second at 16%.