Can your business afford a $10Million fine?

Thousands of business owners are unprepared for a tough new cyber security regime that could see them slapped with fines of up to $10 million if they fail to report data breaches.

In March 2019, amendments were made by the government, to the Privacy Act to introduce the Notifiable Data Breach Scheme (NDB) whilst introducing tougher new penalties to protect Australians’ online privacy.

All Australian businesses should have an action plan in place to deal with these new compliances. If your business fails to meet its obligations it can be costly.

Hefty fines already in place for businesses that fail on the due diligence, have been increased in 2019. The amendments to the Privacy Act will:

Increase penalties for all entities covered by the Act, which includes social media and online platforms operating in Australia, from the current maximum penalty of $2.1 million for serious or repeated breaches to $10 million or three times the value of any benefit obtained through the misuse of information or 10 per cent of a company’s annual domestic turnover – whichever is the greater.

The OAIC will be provided with an additional $25 million over three years to give it the resources it needs to investigate and respond to breaches of individuals’ privacy and oversee the online privacy rules.

“Today we are sending a clear message that this Government will act to ensure consumers have their privacy respected and we will punish those firms and platforms who defy our norms and our laws.” Minister Fifield said.