Following a series of high-profile data breaches suffered by Australian entities which left millions of Australians' personal information vulnerable to hackers, the Federal Government passed the Privacy Legislation Amendment (Enforcement and Other Measures) Act 2022 in December 2022. This Act comprised three main changes in respect of privacy regulation, namely:
Businesses that handle personal information now have a greater incentive to ensure that they are compliant with the Privacy Act, given the hefty increase in potential penalties in the event of a breach. Businesses should also be wary of the potential changes to the Privacy Act which may arrive in 2024, as they may vary or impose new obligations on organisations that handle personal information.
The Federal Government has signalled that the above amendment is the first in what it is expected to be a series of wide-ranging reforms to the Privacy Act. It was anticipated that a draft bill reforming the Privacy Act would be tabled in Parliament by the end of 2023, but with the Government’s Response indicating extensive further consultation on the proposed reforms, this may not happen until late 2024.
*Information is accurate up to 27 November 2023