Thursday, January 31, 2008

Privacy chief wants mandatory reporting

SHAKEN by a series of significant data breaches in the UK, Australian Privacy Commissioner Karen Curtis has renewed calls for mandatory reporting of security breaches at Australian companies and government agencies.

Ms Curtis's call for mandatory reporting was made in a 786-page submission to the Australian Law Reform Commission’s (ALRC) review of Australian privacy law.

“While reporting would need to be proportional to the severity of the breach, it would provide organisations with a strong market incentive to adequately secure their databases,” Ms Curtis said.

“It would also give people an opportunity to take any necessary steps to protect their personal information.”

Ms Curtis also called for powers that would allow the Office of the Privacy Commissioner to conduct privacy performance assessments on private sector organisations in special circumstances to ensure they were in compliance with data protection regulations.

Other recommendations in the submission included maintaining a principles-based and technology neutral approach to privacy, to provide flexibility and responsiveness to change.

Ms Curtis also urged lawmakers to minimise exemptions to from the Privacy Act.

For more Digital Content news, click here.



For more e-Government news, click here.