Queensland agencies required to notify of data breaches
A mandatory data breach notification scheme for government agencies is to be introduced in Queensland, and privacy laws in the state will be strengthened.
The Information Privacy and Other Legislation Amendment Bill 2023 will “modernise legislation that is fit-for-purpose in today’s digital world,” it says. It aims to provide greater transparency of data security implemented by agencies and encourage them to maintain vigilance and take proactive steps to prevent and manage data breaches.
The proposed scheme requires that affected individuals and the Office of the Information Commissioner be notified of eligible data breaches that would likely result in serious harm. NSW has a similar scheme.
“We are establishing this scheme so there are clear, consistent requirements to notify individuals of data breaches of Queensland government agencies, so that individuals are empowered to take steps to reduce the risk of harm resulting from a data breach,” State Attorney-General Yvette D’Ath said.
The reforms will also ensure Queensland’s privacy laws remain contemporary and relevant given the changes to the use of technology, and to the way in which personal information is collected, used, accessed, stored and disclosed, she said.
Queensland is also introducing right to information reforms to reduce red tape.