Qld agencies to face mandatory data breach reporting

Queensland is set to join NSW as the only other Australian state to introduce a mandatory data breach notification scheme.

Yvetter D’Ath

The state government says the Information Privacy and Other Legislation Amendment Bill 2023, introduced on October 12, contains reforms aimed at improving the accountability of government agencies and boosting privacy protections in a way that’s fit-for-purpose in a digital world.

The legislation introduces requirements for government agencies to notify the Office of the Information Commissioner, as well as affected individuals, of data breaches.

Mandatory notification is one of the recommendations of the 2022 Coaldrake Review of the Queensland public sector as a way of putting pressure on agencies to take more responsibility for data security, and be proactive about managing breaches.

“A significant aspect of this Bill is the establishment of a mandatory data breach notification scheme,” Attorney-General, Minister for Justice, and Minister for the Prevention of Domestic and Family Violence Yvette D’Ath says in a statement on Thursday.

“Recent high profile data breaches demonstrate that loss or unauthorised access or disclosure of personal information has the potential to result in serious harm to individuals. 

We are establishing this scheme so there are clear, consistent requirements to notify individuals of data breaches of Queensland government agencies.

Attorney General Yvetter D’Ath

“That’s why we are establishing this scheme so there are clear, consistent requirements to notify individuals of data breaches of Queensland government agencies, so that individuals are empowered to take steps to reduce the risk of harm resulting from a data breach. “

The Bill will also include amendments regarding the release of cabinet documents, and reforms to improve alignment with the Commonwealth Privacy Act, including a single set of privacy principles aligned with the OAIC’s Australian Privacy Principles.

“This will provide a stepping stone for further reform following any legislation arising out of the Commonwealth Government’s review of the Privacy Act,” the government says.

It also contains reforms to the Right to Information framework that the government says will reduce red tape and deliver efficiencies for applicants and agencies.

The reforms will ensure Queensland’s privacy laws remain contemporary and relevant amid changes in the way technology is used and personal information is collected, and accessed and stored, Ms D’Ath said.

“By also strengthening Queensland’s privacy framework, public sector agencies will be able to continue to manage the challenges of digital service delivery while meeting community expectations around privacy,” she said.

Comment below to have your say on this story.

If you have a news story or tip-off, get in touch at editorial@governmentnews.com.au.  

Sign up to the Government News newsletter

Leave a comment:

Your email address will not be published. All fields are required