Western Australia: OAIC launches urgent inquiries into reported health data breach
The Office of the Australian Information Commissioner ('OAIC') announced, on 21 July 2020, that it had launched urgent preliminary inquiries into the reported data breach of patient information in Western Australia. In particular, the OAIC highlighted that an entity regulated by the Privacy Act 1988 (No. 119, 1988) (as amended) ('the Privacy Act') must take reasonable steps to protect the personal information it holds from misuse, interference, and loss, as well as unauthorised access, modification, or disclosure. Furthermore, the OAIC noted that the Privacy Act covers private health providers, organisations with an annual turnover of more than AUD 3 million (approx. €1.8 million), and most Australian Government agencies, therefore does not generally cover Western Australian State Government Departments.
You can read the press release here.