NOTIFIABLE DATA BREACHES SCHEME

Changes have come into effect that requires all health service providers to notify the Australian Federal Government of any data breach.

FIND OUT MORE ABOUT THE NOTIFIABLE DATA BREACHES SCHEME

There are other obligations under the provisions of the Notifiable Data Breaches (NDB) Scheme under Part IIIC of the Privacy Act 1988 (Privacy Act) - READ MORE HERE

ARE MEDICAL PRACTICES INCLUDED?

Businesses with an annual turnover of $3 million or more and health service providers are included.

WHICH DATA BREACHES REQUIRE NOTIFICATION?

The NDB scheme only applies to data breaches involving personal information that is likely to result in serious harm to any individual affected.

These are referred to as ‘eligible data breaches’. There are a few exceptions which may mean notification is not required for certain eligible data breaches.