The tides are slowly turning here in Australia. The government today announced a discussion paper – Australian Privacy Breach Notification, seeking feedback from the public relating to the possible introduction of mandatory data breach notification laws. The government is seeking feedback relating to the following questions:
- Should Australia introduce mandatory data breach notification laws?
- What kind of breaches should trigger notification requirements?
- Who should decide whether notification is necessary?
- What should be reported and how quickly?
- How should a notification requirement be enforced?
- Who should be subject to a mandatory data breach notification law?
With the possibility of all data breaches needing to be reported, this will bring with it the possibility for catastrophic damage to a business. Not only from the financial burden of notification costs and the possibility of third party liability and penalties involved, but also the damage that a business may sustain to their reputation and image.
Australia is only just catching up to the rest of Western society, being one of the last remaining countries that does not hold an organisation responsible for the loss of personally identifiable information of its customers. Many security specialists have been screaming out for these changes to be made for years and its not hard to see why when there has been less than 100 voluntarily reported breaches to the Privacy Commissioner in the last financial year. Experts believe that the true figure would be thousands a month.
Cyber Insurance was developed with these types of incidents in mind. Insurers are working on their policies knowing that these changes are coming. When these measures are introduced, and I would think they will be at some stage, Cyber Insurance will become the most important cover to any business that stores customers information not only online but offline as well.
Recognising that many small and medium sized businesses do not have the resources to deal with the often unforeseen implications of a data breach, DUAL Australia has developed a product that not only aims to cover many of the cyber risks a business faces but also assists in preventing a breach of ‘Data Security’ and provides expert advice in how best to manage a breach. Though DUAL Australia’s highly regarded expert panel of third party service providers a policyholder will have access to a security review to help with preventing a breach and access to their ‘Breach Response Team’ should the policyholder suffer a breach of their security.
Webber Insurance will be working closely with the team at DUAL Australia to assist our clients with the education of the risks that a business may be exposed to along with providing an insurance quote for suitable protection based on these risks.
More on this in the next blog….