The Australian Privacy Commissioner, Karen Curtis, has released a "Guide to Handling Personal Information Security Breaches". It is for use by businesses, agencies and non-government organisations in preventing and, if necessary, responding to a data breach.
Ms Curtis said the Guide was developed following extensive consultation with a range of stakeholders. It includes four key steps to consider when responding to a breach:
- Step 1: Contain the breach and do a preliminary assessment
- Step 2: Evaluate the risks associated with the breach
- Step 3: Consider notification
- Step 4: Prevent future breaches.
