What is a Notifiable Breach?
A notifiable data breach occurs when personal information is compromised in a way that is likely to result in serious harm to the individuals it relates to. That harm can be financial loss, identity theft, physical harm, or significant distress. The Notifiable Data Breaches (NDB) scheme applies to organisations covered by the Privacy Act, including most government agencies and businesses. It is not simply a matter of data loss; the test is the potential impact on individuals. The Office of the Australian Information Commissioner (OAIC) provides guidance on deciding whether a breach is notifiable, focusing on the likelihood and severity of harm.
Australian Tenant Operational Reality
In an AU mid-market context, an immediate response is critical. The first 24 hours should focus on containment and initial assessment. Microsoft Defender XDR and Sentinel logs are invaluable for the forensic investigation that establishes scope and root cause. Integrating Communication Compliance helps detect insider misuse that may have contributed to the breach. Crucially, Microsoft Purview audit retention policies, set to a minimum of 180 days as recommended for CPS 234 compliance, provide a vital record for the post-breach assessment required by the OAIC and potentially by APRA; if the retention window is shorter than the time between compromise and discovery, the evidence needed for that assessment may already be gone. The Essential Eight prioritises detection and response capabilities, aligning directly with NDB scheme obligations.