Ransomware attacks present an escalating threat to global security, one which threatens a broad range of organisations ranging from government agencies to small businesses. Driven by an increasingly interconnected IoT landscape and the use of outdated or legacy systems, ransomware poses a growing threat to Australia’s critical infrastructure – including the healthcare, financial services, transportation, …
Read more
There are two words every organisation prays they never hear. Words that invoke more fear and panic than the “boogey man”. Those two words? Data breach.
The Privacy Act 1988 (Cth) (Privacy Act) is the principal piece of legislation governing the handling of personal information by the Australian government and private organisations. The Privacy Act has undergone various tranches of amendments since its inception in 1988, with significant changes on the horizon during 2024.
General protections from unlawful discrimination under the Fair Work Act 2009 (Cth) apply to both employees and prospective employees. It is important to ensure that reliance on tools such as AI in recruitment processes do not infringe on the protections from discrimination that are afforded to prospective employees. The list of attributes that are protected …
Read more
If the Privacy Act 1988 (Cth) applies to your organisation, these three facts should help focus you on your organisation’s compliance. If you are unsure if your organisation is subject to the Privacy Act, please contact us for advice.
Griffin Legal endorses a ‘privacy-by-design’ approach, where organisations proactively embed good privacy practices into the design and development of a program that involves any collection, use, or disclosure of personal information. Every decision and new process must be approached via a privacy-first mindset, promoting both functionality and privacy protection.
Cyber incidents are increasing in frequency across all sectors including charities and not-for-profits. As a result, the Australian Signals Directorate’s Australian Cyber Security Centre is encouraging charities and not-for-profit organisations to protect their information and systems. The steps that these organisations can take are the same steps that all types of organisations can take – …
Read more
The Office of the Australian Information Commissioner’s (OAIC) recently released its latest notifiable data breaches report for July to December 2023, highlighting the continued risks of data breaches faced by organisations and third-parties. This is underscored by the notable increase in the volume of reported data breaches, increasing 19% since the previous reporting period.
In recent weeks the Australian Government introduced legislation (the Digital ID Bill) to establish a regulatory regime for the accreditation of digital identification providers. Overall, the Digital ID Bill aims to give Australians secure and effective ways in which to verify their identify for use in online transactions with government and business.
On 22 November 2023, the Australian Government released its 2023-2030 Australian Cyber Security Strategy (the Strategy). The Strategy aims to realise the Australian Government’s vision of becoming a world leader in cyber security by 2030. The Strategy seeks to protect Australians by improving cyber security, managing cyber risks, and better supporting Australians and organisations to manage …
Read more