Both Australia’s Mandatory Notifiable Data Breach legislation and the EU’s GDPR are shining a spotlight on state-of-the-art data security technologies and strategies to help Australian organisations stay strong in an increasingly digitised world.
Our increasingly digitised and globalised economy is becoming ever more reliant on the control and processing of personal data. While this presents enormous opportunities for business, it is accompanied by growing public awareness of, and concern for, personal data protection.
According to data from the Attorney General’s Office, five percent of Australians, in other words almost one million people, were exposed to a breach of their private information in 2016, bringing the total economic impact of identity crime in Australia to approximately $2.6b per year.
In another survey, the Australian Bureau of Statistics found that around 6.4% of the Australian population aged 15 years and over reported being victims of identity fraud in 2014-15. This makes identity crime more common than any other form of personal and household theft-related crime. But the potential for damage goes wider than just personal data loss through identity theft and crime. Data breaches undermine trust in the local and global digital economy.
Both Australia’s impending Mandatory Notifiable Data Breach notification law (NDB), which comes into effect in February 2018, and the European Union’s General Data Protection Regulation (GDPR), due in May 2018, are a response to these concerns. With stringent criteria, obligations, and considerable non-compliance penalties, the effort of attaining compliance and the risks associated with non-compliance will undoubtedly increase under both NDB and GDPR. The implications may necessitate changes that encompass data processing workflows, organisational structure, business processes, and ultimately, information and security technologies.
For some organisations, this will present an opportunity to streamline operations, eradicate unnecessary data collection and limit processing to only that which is essential to core business goals. Either way, however, the transition to compliance is likely to be a significant undertaking.
The biggest challenge organisations face is how to start the process in order to understand their risk. Here are some quick tips to get you started.
Want to know more about the data breach notification laws and how to best negotiate them? Visit Fortinet’s Data Breach Notification page for whitepapers and other resources to help you turn this new legislation into greater organisational support for cybersecurity.