Glossary · Australian Compliance

Notifiable Data Breaches Scheme

Australian law requiring organisations covered by the Privacy Act to notify affected individuals and the OAIC about eligible data breaches.

In detail

The Notifiable Data Breaches (NDB) scheme came into effect in February 2018. An eligible data breach occurs when there is unauthorised access to or unauthorised disclosure of personal information that is likely to result in serious harm to individuals, and remediation has not prevented that harm. Affected organisations must notify the OAIC and affected individuals as soon as practicable. The OAIC publishes quarterly statistics, which consistently identify human error and malicious or criminal attack as leading causes.

Why it matters for Australian business

Australian businesses subject to the Privacy Act need a documented incident response process so that the NDB notification clock can be met. Our Data and Privacy Advisory engagement covers the response readiness gap that most SMBs have between "we have an IT person" and "we have a documented breach response plan with notification commitments in writing from our platform vendor".
