Government departments in New South Wales (NSW), Australia, face having to notify the Privacy Commissioner and anyone affected by cyber-attacks or privacy breaches likely to result in serious harm.
The proposed legislation, a first in the country, also covers NSW-owned corporations and local councils.
“The protection of people’s privacy is crucial to public confidence in NSW government services,” attorney general Mark Speakman was quoted as saying by online publication Government News.
“If passed, this bill will introduce a scheme that will ensure greater openness and accountability in relation to the handling of personal information held by NSW public sector agencies.”
Digital and customer services minister Victor Dominello added: “The NSW government is committed to enhancing services through digital innovation, but it is vital the use of technology and data embodies the highest privacy, trust and security standards.”
Privacy Commissioner Samantha Gavel commented that introduction of a mandatory notification data breach scheme would increase people’s trust in the way government handles personal information and increase transparency and accountability. It would also make agencies more aware of the importance of risk management.
Register to receive the latest data protection and privacy news and analysis straight to your inbox