Why 22 February should be marked in your diary

20th February 2018
Valentine’s Day, the Big Bash Final and Chinese New Year. These are the events most likely to be marked in your calendar for February. But there’s another date business owners should have circled – 22 February.

This is when the Privacy Amendment (Notifiable Data Breaches) Act 2017 comes into effect. The legislation makes it mandatory for organisations with a turnover of more than $3 million to notify the Office of the Australian Information Commissioner if they lose personal data. If you fall into that category, failure to comply will put you at risk of crippling fines of up to $2.1 million.

Despite these changes coming in to effect this week, less than half of affected businesses (41%) are aware of the new legislation. Small businesses are even less likely to be prepared for the new regulations, with only one in five citing awareness.

These are among the findings from the inaugural Canon Business Readiness Index, a comprehensive study into the digital readiness of Australian businesses. In the first of four research modules, the Information Security study gleans insights from more than 400 key business decision makers.

Pick up a copy of your daily paper and there’s a good chance it contains a data breach story. Terms such as ransomware, phishing and cybercrime are commonly used. The threat landscape is constantly evolving and businesses of all sizes are struggling to keep pace, as indicated by our findings.

Australia’s new data breach legislation puts pressure on businesses to place even more importance on customer privacy to avoid reputational damage or losing customers’ trust.

Businesses will no longer be able to sweep a breach under the carpet. The legislation is an important step forward in ensuring customers are kept in the loop about how their data is being used. An increase in transparency is good for everybody. To cite another survey, this time conducted by Deloitte, trust is more important to Australian consumers than convenience.

It’s not too late, but businesses must act now to manage cyber risks and ensure they have the right measures in place to demonstrate compliance by 22 February. If the date isn’t already in your calendar, mark it now. The clock is ticking.

To learn more about the Business Readiness Index, click here.
Follow us on
Here's some related content you might like