Australia: OAIC publishes Notifiable Data Breaches Report for July to December 2021
The Office of the Australian Information Commissioner ('OAIC') published, on 22 February 2022, its Notifiable Data Breaches Report for the period of July 2021 to December 2021. In particular, the OAIC highlighted that it received 464 data breach notifications from within this period, an increase of 6% compared with the 2020 period. Furthermore, the OAIC noted that malicious or criminal attacks remain the leading source of breaches, accounting for 256 notifications (55% of the total), down 9% in number from 281 in 2020. In addition, the report confirms that there was a significant rise in breaches due to human error, increasing by 43% to 190, after a dip in the 2020 period, and the health sector remains the highest reporting industry sector notifying 18% of all breaches, followed by the finance sector (12%).
Finally, the OAIC stated that the Notifiable Data Breaches scheme is well established after four years of operation and it expects organisations to have strong accountability measures in place to prevent and manage data breaches, in line with legal requirements and community expectations.