The Australian Privacy Principles (APPs) contained at Schedule 1 of the Privacy Act 1988 (Cth) (Act) requires APP Entities to destroy or deidentify personal or sensitive information (Protected Information) as soon as reasonably practicable.[1] Having a data destruction policy (DDP) in place means that everyone in the company knows what information is Protected Information, and when and how it is to be destroyed or deidentified. [Read more…]
data destruction
What should APP Entities include in a data destruction policy?
26 April 2022 by Dundas Lawyers
Filed Under: Legal Articles, Privacy Law Tagged With: app 4, app entities, data, data destruction, destruction, destruction policy, personal information, policy, Privacy law
Ransomware Payments Bill 2021 (Cth)
23 August 2021 by Dundas Lawyers

Ransomware is a type of software which maliciously denies an organisation access to their own IT systems and often threatens to release information within such a system subject to the payment of a ransom. The government believes ransomware attacks are Australia’s largest cyber threat.[1] The Ransomware Payments Bill 2021 (Cth) (Bill) intends to establish mandatory reporting requirements for all of Commonwealth entities, State or Territory agencies, corporations and partnerships who make ransomware payments pursuant to a ransomware attack. The Bill would see such organisations provide notice to the Australian Cyber Security Centre (ACSC). [Read more…]
Filed Under: IT Law, Legal Articles, Privacy Law Tagged With: attacks, computer disk, computer function, cybersecurity, data access, data breach, data destruction, data help, data modification, data publication, data restriction, destroy data, electronic means, impairment of data, impairment of electronic communication, impairment of operation, impairment of reliability, impairment of security, Ransomware, ransomware attacks, Ransomware Payments, Ransomware Payments Bill 2021 (Cth), reporting obligations, unauthorised person. data damage