Share this article on:
The government of Queensland will join NSW as the only Australian states with a mandatory scheme for reporting data breaches.
According to a statement from Queensland Attorney-General Yvette D’Ath, the Information Privacy and Other Legislation Amendment Bill 2023 will implement “critical reforms that will improve transparency and accountability of Queensland government agencies and improve privacy protections available to individuals”.
The move comes just over a year since the Coaldrake Review into accountability and government culture, published in June 2022, recommended such an action.
On top of mandatory reporting of data breaches, the bill will also require impacted organisations to inform customers directly of any breach of their data. It is also hoped the bill will encourage organisations to provide better protections for data in their keeping.
“Recent high-profile data breaches demonstrate that loss or unauthorised access or disclosure of personal information has the potential to result in serious harm to individuals,” Attorney-General D’Ath said in a statement.
“That’s why we are establishing this scheme so there are clear, consistent requirements to notify individuals of data breaches of Queensland government agencies, so that individuals are empowered to take steps to reduce the risk of harm resulting from a data breach.
“The reforms will also ensure Queensland’s privacy laws remain contemporary and relevant given the changes to the use of technology and to the way in which personal information is collected, used, accessed, stored and disclosed in today’s digital world.”
The bill also includes a scheme for more open release of cabinet documents, reforms to bring the state more into line with the Commonwealth Privacy Act, and reforms to the right-to-information framework to “reduce red tape and deliver efficiencies for applicants and agencies”.