Sound data protection policies are not just excellent business practice, they are required by law. Federally mandated Privacy Legislation requires businesses to securely destroy all sensitive and personal information about their customers, employees and visitors and not simply discard this data. Using general waste streams to dispose of sensitive information places an organisation at risk of a data breach, that information becoming public knowledge or even being used for identity theft.
Furthermore, organisations and individuals become vulnerable to litigation and financial penalties when personal records are not properly maintained and destroyed or for failure to uphold the Notifiable Data Breaches (NDB) Scheme.
What are the penalties?
Failure to uphold the obligations of the NDB will result in heavy consequences. If there’s an eligible data breach and no notifications are sent, the penalty can reach $2.22 million for organisations and $444,000 for individuals. In addition to this, it’s difficult to quantify the cost of loss of trust in your business, nor the impact on your brand. In addition to the penalty for non-compliance, the Commissioner also has the power to make organisations pay compensation for damages and issue a public apology.
How to protect your business
The best way to protect your business from the consequences of a data breach is to protect all information received from the outset. Here are a few tips to implementing a sound data protection policy:
- Store only essential and relevant personal information
- Ensure the process of data collection & storage is secure
- Keep staff well educated on recognising and dealing with suspicious emails and online activity
- Keep information on a trusted platform and have secure cyber defence systems in place
- Implement procedures to monitor the storage and secure destruction of information
- Outsource your information destruction needs to a certified destruction provider such as Shred-X.
INDUSTRY LEADING Solutions
KEEP YOUR BUSINESS SECURE
STOP IDENTITY THEFT
Save Time & Money
Achieve Legislative Compliance
Contribute to Environmental Sustainability
What to do if a data breach occurs
Time is critical with any data breach, and the actions you take will determine the success of your recovery. Alongside are 3 steps to follow when your data is breached.
2. Assess: Determine if the breach is ‘eligible’
3. Notify: Inform all relevant individuals and the Commissioner
Not responding accordingly to a data breach is an expensive and detrimental decision. Securing information online is an ongoing pursuit, however, physical data breaches are easier to contain. The Shred-X e-Waste destruction solution guarantees the secure destruction of digital media, hard drives, mobile phones and any other IT or data asset.
Establish and maintain an effective privacy program and once the information is no longer required contact Shred-X for certified and secure destruction.