The recent amendment of the Privacy Act in Australia, known as the Privacy Amendment (Enforcement and Other Measures) Bill 2022, was approved on 12 December 2022. This amendment will have a significant impact on how businesses handle personal information.
The Privacy Act 1988 governs privacy laws in Australia and regulates the handling of personal information by organisations and government agencies. The Privacy Amendment (Enforcement and Other Measures) Bill 2022 will increase the penalties for individuals and businesses in the event of a data breach that is likely to result in serious harm to any individual. The Office of the Australian Information Commissioner (OAIC) will now have the power to increase penalties from $2.22 million to $50 million.
In addition to the increased penalties, businesses will be required to have robust measures in place to protect personal information and to be transparent about how personal information is collected, used, and disclosed. In the event of a data breach that is likely to cause serious harm, businesses will also have to notify the OAIC and affected individuals. This will also means that businesses will have to adopt strategies and ensure that they comply with the regulations, which might require businesses to change their organizational structure, systems, and processes in how they collect, transmit and store client identification. In conclusion, this amendment will have a significant impact on the way businesses collect, use, and disclose personal information. Businesses will have to make sure that they are compliant with the law and have adequate security measures in place to protect personal information. It would be a good idea for businesses to review and update their privacy policies, processes, and procedures in light of the amendment, in order to ensure they are meeting their legal obligations and to avoid any penalties.