NSW passes state-based mandatory data breach notification

By

Without amendment.

Both houses of NSW parliament have passed mandatory data breach notification rules that will apply to state agencies and departments, statutory authorities, local councils and some universities.

NSW passes state-based mandatory data breach notification

The Privacy and Personal Information Protection Amendment Bill passed the upper house on Wednesday, having cleared the lower house the previous day.

The bill is now marked as “awaiting assent”. It is due to come into force a year after assent.

The leader of the opposition in the Legislative Council, Penny Sharpe, said state Labor “has been asking for these changes for quite some time.”

“We are pleased that the government has finally brought a proposal before the House to deal with this serious issue, and I indicate at the outset that we do not oppose the bill,” she said.

“NSW public sector agencies hold substantial sensitive information about the people of NSW, including personal, health and financial information. 

“It is currently not mandatory for NSW public sector agencies to report data breaches of personal and health information under the Privacy and Personal Information Protection Act. I have to say, I am completely shocked by that.”

Greens MP Abigail Boyd called the changes “long overdue.” 

“The bill does not do anything to keep our information safer from theft. It merely imposes a mandatory obligation on State‑owned corporations and public sector agencies to disclose to people impacted by a breach of data held by that corporation or agency,” she said.

“Frankly, it is astonishing that the obligation does not already exist and that it requires legislating at all.”

Boyd added: “The issue of digital rights and privacy - of regulation and responsible use of technology - is only going to become more urgent.

“This bill is a small but positive step in the right direction, and The Greens support it.”

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Eagers Automotive finds unauthorised access to parts of IT systems

Eagers Automotive finds unauthorised access to parts of IT systems

Hackers hit Victoria's court recording database

Hackers hit Victoria's court recording database

St Vincent's Health Australia warns cyber attack forensics could "take some time"

St Vincent's Health Australia warns cyber attack forensics could "take some time"

Yakult Australia confirms cyber incident

Yakult Australia confirms cyber incident

Log In

  |  Forgot your password?