All Federal Government agencies, business and Not-For-Profit organisations with more than $3 millionĀ in turnover are required to notify the Office of the Australian Information Commissioner and affected individuals if personal data is lost, stolen or leaked.
Health providers and Businesses that trade in personal information must disclose privacy breaches regardless of worth or income.
Under the new laws privacy breaches must be reported if the breach is likely to result in serious physical, psychological, emotional, financial and reputational harm.