[AusNOG] Mandatory data breach notification will become, law in Australia

[Chad Kelly]

On 2/28/2017 12:00 PM, ausnog-request at lists.ausnog.net wrote:
> Im suggesting that more and more government regulation does but one
> thing push small guys out of the market.  It wont just be a reporting
> requirement but there will be forms reports. Reporting officers etc
> etc.  It's not the reporting requirement I have a problem with it's all
> the red tape that's going to go with it.
>
> The government needs to learn that 3million turnover  is not a large
> business.  Why can  these things not be decided on profit. There's a lot
> of small operators that collect 3 million and then turn over the bulk of
> that  AAPT/Telstra/Optus/Vocus .
>
> Yet the government treats them like AAPT/Telstra/Optus/Vocus

Don't you remember what happened with Distribute IT?

I wouldn't consider $3000000 turnover as a small business either, more 
of a medium sized one, but you should be preventing these data breaches 
in the first place and have policies on who can access what information 
within the business.

Depending on the size of  the business and the type of data that is 
being collected you should also have written policies on what happens if 
a breach occurs.

You should also have appropriate levels of insurance to make sure you 
are covered in case something happens.

Also if you don't want to file reports yourself you have the option of 
highering a personal assistant to take care of those tasks.

I think its actually a good thing that the federal government is 
starting to take IT security more seriously and that they are starting 
to crack down on this stuff.

Though writing reports still won't actually prevent breaches so you 
still need good security practices in place.

Regards Chad.



-- 
Chad Kelly
Manager
CPK Web Services
web www.cpkws.com.au
phone 03 5273 0246