Government looks to tighten breach notifications

The Privacy Alerts Bill is back on the government agenda and it could have significant ramifications to businesses, says an industry expert.

Currently back before the Federal Senate, the bill, if passed, will mandate that organisations notify customers and regulators in the event of any data breach with the potential to cause harm.

James Stringer, Zurich Financial Lines Professional Indemnity National Underwriting Manager says the consequences are significant.

“This could potentially lead to significant costs in alerting customers of a serious data breach especially as the larger the number of individuals affected and requiring notification, the higher the notification costs incurred,” he says.

“There is also potential for significant effects on the business concerned in terms of reputation damage, lost customers and sales, and potentially negative impact on the share price of listed companies.”

Stringer says it also presents an opportunity.

“From a commercial perspective, it may result in increased take up of cyber security and privacy insurance as customers seek to transfer the risks associated with mandatory reporting,” Stringer says.

“It may also result in increased claims for the industry around privacy breach notification costs covered by cyber security and privacy policies.”

NIBA Legal Counsel and Mark Radford Lawyers Principal Mark Radford earlier this week released more detailed guidance on the proposed changes. To read his report, click here.