Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

NSW government introduces mandatory data breach reporting

The NSW government passed the Privacy and Personal Information Protection Amendment Bill 2022, making it mandatory for government agencies to notify the privacy commissioner in the event of a serious data breach.

user icon
Mon, 21 Nov 2022
NSW government introduces mandatory data breach reporting
expand image

NSW is the first state or territory to have introduced such reporting requirements, having passed the bill in mid-November.

Attorney-General Mark Speakman explained that that Privacy and Personal Information Protection Amendment Bill 2022 would strengthen privacy protections.

“The new law establishes a mandatory data scheme which will require public sector agencies to notify the privacy commissioner if there is suspected data breach involving personal information which is likely to result in serious harm,” Attorney-General Speakman said.

============
============

“Under the scheme, agencies will have to satisfy a number of data management requirements, including maintaining an internal data breach incident register, and having a publicly accessible data breach policy.

“This scheme establishes new standards of accountability and transparency around the protection of citizens’ personal information. It will create greater openness while also enhancing consistency across all public sector agencies.

“Importantly, it will give individuals information they need to reduce their risk of harm following a serious data breach and help agencies respond properly.

“Every day, the people of NSW offer their personal information to government agencies, which is a significant undertaking of trust. In return, the government recognises it has a responsibility to effectively and proactively protect and respect that personal information.

“These reforms will make that responsibility law.”

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.