On 22 February 2018, changes to the Federal Privacy Act 1988 brought a new Notifiable Data Breach (NDB) Scheme into force. This makes it compulsory for schools to notify specific types of data breaches to the individuals affected by the breach, and to the Office of the Australian Information Commissioner (OAIC).
A data breach occurs when personal information is lost or subject to unauthorised access, modification, disclosure, or other misuse or interference. Data breaches are not limited to cyber-attacks, but more commonly occur from human error or failure to follow information-handling policies that lead to personal information being lost or disclosed to the wrong person.
Not all data breaches will be NDBs. For there to be an eligible data breach, it should have the likelihood of resulting in serious harm to the affected individuals. Serious harm could include serious physical, psychological, emotional, economic and financial harm, as well as serious harm to reputation.
Studentnet has created its own Data Breach Plan to contain, assess and respond to school data breaches, which collects details for a nominated privacy staff contact, clarifies their responsibilities, and documents the processes for responding to a data breach. Please feel free to contact us for further information.
Please contact us to find out more about how we can support you. We tailor our products specifically for a wide range of school community requirements.
phone_android +61 2 9281 1626 mail_outline info@studentnet.id
