More than 30 data breaches have been reported to the Office of the Australian Information Commissioner in the three weeks since notification legislation was enacted.

Under the new laws, organisations must inform affected individuals if a breach is likely to result in serious harm, and notify the commissioner.

A spokesman for the commission told insuranceNEWS.com.au 31 notifications have already been received, and more detailed statistical reports will be issued on a quarterly basis.

Meanwhile, Information Commissioner Timothy Pilgrim says he will investigate whether Australians have been affected by the recent Facebook scandal.

According to reports, the personal data of about 50 million Americans was harvested and improperly shared with a political consultancy.

“My office is making inquiries with Facebook to ascertain whether any personal information of Australians was involved,” Mr Pilgrim said. “I will consider Facebook’s response and whether any further regulatory action is required.”

JLT cyber specialist Samuel Rogers told insuranceNEWS.com.au the Facebook situation is a stark reminder of social media risks.

“The use of social media offers a huge range of benefits, but at the same time we need to be careful about what information we put out there,” he said. “There is an inherent risk in the use of social media, and there are insurance policies to cover that.”

Mr Rogers says organisations also need to be careful about how they obtain and use social media data.

“Leaving legality to one side, there is an ethical and reputational element and it can be a really terrible look.

“There is definitely a case for caution for insurance companies collecting this kind of data.”