David Braue writes:
Notification of data breaches should be one of the four key steps organisations undertake in response to any detected breach, new guidelines from the Office of the Australian Information Commissioner (OAIC) recommend.
The new guidelines – recently published in the OAIC’s Data Breach Notification Guide – are designed to help companies comply with the stricter legislative requirements around protection of personally identifiable information (PII) introduced in March.
Those four steps, as outlined in the guide, include containing the breach and performing a preliminary assessment; evaluating the risks associated with the breach; notification of the breach; and preventing future breaches.
Read more on CSO Online