There's a joke in the cyber security industry that there are two types of companies: those that know they have been hacked, and those that haven't yet found out. In November 2013, Target Corporation in the US learned this the hard way when it was told by law enforcement agencies that it had been sub ...

On 15 August the Federal Government released exposure draft legislation that if passed will establish an economy-wide consumer-directed data transfer system The latest sprint in a marathon of reviews reports and recommendations over the past few years that have called for the adoption of some form ...

The release of the exposure draft of the CDR legislation marks the start of a tight turnaround in order for the legislation to be passed in March 2019 particularly as the details and associated instruments have yet to be released The CDR regime has been advertised as producing a wide range of ...

The Federal Governments electronic health records system may have a new lease on life following the introduction of a new Bill that attempts to improve the systems effectiveness with key changes such as the transition to an opt-out approach Partner Ian McGill Senior Associate Phil OSullivan and ...

Following a period of industry consultation the Federal Government has introduced updated legislation that will introduce a mandatory data breach notification scheme The new Bill will amend the Privacy Act 1988 Cth when it comes into force and will apply to all Australian companies currently subject ...

The Parliamentary Economics Committee released its report following its review into Australias four major banks yesterday Our Financial Services Regulation team has a look at the recommendations in this update ...

Uncertainty as to what information constitutes personal information under the Privacy Act will be clarified following the release of guidance from the Office of the Australian Information Commissioner The guide provides insight into how a complaint may be determined and offers key questions for ...

OAIC concludes investigation of Australian Red Cross data breach where a one-off human error by a third party provider's employee led to a massive data breach that hit the Australian Red Cross Blood Service ...

Your data breach response plan should ...

Guidance highlighting the necessity of being transparent when undertaking data analytics on personal information as well as other matters that organisations should consider so as to better manage compliance risk when undertaking data analytics has been released Partner Michael Morris Lawyer Jaclyn ...