
Australia
Privacy Laws

Overview

BREACH NOTIFICATION – As soon as practicable

FINES & PENALTIES – Violations
Fines up to $50 Million AUD

Legal

Regulation Levels

  • Breach Reporting
  • Consumer Notification
  • Vendor Management
  • Vendor Contract Required

PRIVACY AND SECURITY LAWS

Laws related to personal information and privacy and security.

QUICK FACTS

Australia Privacy Law Information

BREACH REPORTING

Australia has mandatory notification of all ‘eligible data breaches’. All eligible data breaches must be notified to the OAIC (Office of the Australian Information Commissioner) as soon as practicable after the entity:

  • becomes aware of the eligible data breach;
  • becomes aware of reasonable grounds to believe an eligible data breach has occurred; or
  • is directed to do so by the Privacy Commissioner.

CONSUMER NOTIFICATION

Australia has mandatory notification of all ‘eligible data breaches’. All eligible data breaches must be notified to all affected individuals as soon as practical after discovery.

VENDOR/THIRD PARTIES

Australia does not separate the responsibilities of a “controller” or “vendor/third party”; thus both entities are responsible for reporting the data breach to the OAIC and all affected individuals.

FINES & PENALTIES

The penalty for a person other than a corporation is an amount not more than $2,500,000 AUD.

The penalty for a corporation is an amount not more than the greater of the following:

  (a) $50,000,000 AUD;

  (b) if the court can determine the value of the benefit that the corporation has obtained, directly or indirectly, and that is reasonably attributable to the conduct constituting the data breach: 3 times the value of that benefit;

  (c) if the court cannot determine the value of that benefit: up to 30% of the annual revenue the corporation earned during the breach period.

Australia Statutes and Laws

Privacy Act 1988 (Privacy Act)

The Privacy Act includes 13 Australian Privacy Principles (APPs), which apply to some private sector organizations, as well as most Australian Government agencies. Such organizations and agencies are collectively known as ‘APP entities’. The Privacy Act also regulates the privacy component of the consumer credit reporting system, tax file numbers, and health and medical research.

Link to the latest version of the Privacy Act: https://www.legislation.gov.au/Details/C2022C00361

Notifiable Data Breach (NDB) Scheme: Part IIIC of the Privacy Act

DISCLAIMER

The information provided is not legal guidance or a recommendation and is for informational purposes only.