Why OAIC is the most important acronym of 2018 for businesses
It’s not an acronym that rolls off the tongue, but dramatic changes in data breach legislation mean knowing about OAIC — the Office of the Australian Information Commissioner — is vital for all Australian businesses, writes Jamie Wilkinson.
If you’ve not heard of the OAIC before, you have a matter of weeks before it could become the most important four letter acronym in your world.
The OAIC is the Office of the Australian Information Commissioner. It is a government agency with three main roles: overseeing privacy issues, freedom of information functions and government information policy functions.
And within that remit is a duty to oversee something called Notifiable Data Breach legislation which comes into effect in February.
If your organisation stores or keeps personal information, the chances are you will be required to notify individuals if their data is breached whilst in your care, and that breach is likely to result in serious harm.
What this means in the real world is that just about any Australian business which has customer or client data hacked, breached or compromised, could have to come clean. In public. On your website. On your social channels. By emails to your clients and customers.
And to the OAIC.
Getting familiar with the OAIC’s guidance on notifiable data breaches should be at the top of your New Year resolutions list, as should an understanding of what you are required to have prepared before the law comes in on February 22.
A response plan is part of the expectations, which includes thought around a communications plan and how you would practically tell (potentially hundreds of thousands of) clients and customers about the issue.
That alone would be a daunting task with good news; the logistics of explaining to them that their data has been exposed, without worsening the situation, will be even more challenging.
As Australia’s 2.1 million businesses start thinking about the legislation, you can expect to hear the name OAIC dropped in many conversations to come.
Cannings Purple Director of Digital Jamie Wilkinson is an expert in proactively preparing communications strategies to respond to data breaches and managing communications during a data breach crisis. Email Jamie.