Historically, businesses have kept documents to ‘be on the safe side’. But, as we now see in the wake of last year’s Optus and Medibank data breaches, this approach is not without its risks. As we rely more and more on computers and networks for our day-to-day business activities, so too does the sophistication, frequency and harm of cyber incidents grow. In this article, we explore the various legislative requirements that cover the collection, security and retention of information, and the lessons emerging from the Optus and Medibank data breaches.
High-profile data breaches
While investigations are ongoing into the Optus and Medibank data breaches, we all know someone who has been affected. But these are certainly not the first high profile hacks to expose very personal information of Australians.