It is now compulsory for organisations to provide notice to regulators and affected individuals in the event of a data breach. I know Mr Trump likes Mr Putin, but he hasn’t yet asked Vladimir how he should try to control his citizens so that they do not hack into and upset so many organisations in western democracies. It’s not just the Russians who are into hacking and data fraud, though.
The Privacy Act now states that it’s an organisation’s problem even if you are hacked by malicious outside forces such as the Russians. You are ultimately responsible for the security of your systems.
With the growth in aggressive cyber threats, including malware, coupled with employee fraud, it is more important than ever that organisations ensure they are compliant. Specifically, all organisations need to have a data response plan if their system is hacked.
Remember, you cannot rely too heavily on systems either: a heavy reliance on a centralised database provides a very tempting target for hackers and can give false comfort to an organisation that the system itself ensures compliance. As with many inadvertent errors, the human element cannot be overlooked.
Pat Mannix, Partner, Paris Financial