  • How to prepare your business for a cyber security incident

    Your business, staff and client information is extremely valuable to cyber criminals.

    That’s why it’s important to have a data breach response plan in place.

    The Office of the Australian Information Commissioner (OAIC) provides guidance on how to create a strong data breach response plan. For example, it should include:

    • clear escalation procedures and reporting lines for suspected breaches
    • processes that outline when and how affected individuals are notified
    • a record-keeping policy to ensure breaches are documented
    • strategies to identify and address any data handling weaknesses that could have contributed to the breach.

    Your data breach response plan should also include contacting the ATO on 1800 467 033 so we can put protections in place for your clients.

    You should regularly review and test your plan and make improvements as necessary.

    This will help you to act quickly and minimise harm in the unfortunate event that a data breach does occur.

    If you are governed by the Privacy Act 1988, you should also be aware of your obligations under the Notifiable Data Breaches Scheme. This scheme requires regulated entities to notify the Office of the Australian Information Commissioner and certain individuals about any data breaches that are likely to result in serious harm.


      Last modified: 18 Feb 2022 (QC 67952)