What To Do If You Discover a Data Breach
Data breaches are less than ideal. A prepared business will have planned and developed processes for identifying and responding to privacy breaches. If the business hasn't yet created and implemented its data breach policy, we would recommend the following be seriously considered:
- Determine which regulatory and advisory bodies need/should be notified about the breach.
- Discuss with management the best way to:
- Investigate the breach and its implications/consequences.
- Inform the customers/clients about the breach.
- Determine how the customer/client is contacted and at what stage.
- Outline the steps taken by the business to prevent further or future breaches
- Consult with management the best way to handle media enquiries.
Further information can be found here: https://www.oaic.gov.au/