noodls browser compatibility check

The security settings of your browser are blocking the execution of scripts.

To use noodls, javascript support must be enabled. Please change your browser's security settings to enable javascript.

If you have changed your browser's security settings, you can click here.

related announcements

News

United States Attorney's Office[...]

Bonita Man Pleads Guilty to Sex Trafficking of a 15 Year Old Girl and[...]
City of Riverside, CA

City of Riverside Names Stephen Patchan Deputy Director of Community[...]
Military Health System

TRICARE Authorizes Temporary Prescription Refill Waivers for New York[...]

OAIC - Office of the Australian Information Commissioner

09/13/2024 | Press release | Distributed by Public on 09/12/2024 18:41

Statement on MediSecure data breach

Published 13 September 2024

The Office of the Australian Information Commissioner (OAIC) has closed our inquiries into the MediSecure data breach.

As MediSecure entered administration on 3 June 2024, our inquiries focused on ensuring that MediSecure notified individuals impacted by this breach, so they could take preventative action to protect their personal information, while we worked with other agencies to ensure a whole-of-government approach to building awareness about the matter.

On 18 July 2024, MediSecure issued a public statement on the data breach, which included an outline of the types of personal information impacted. The Australian Government also updated its advice for individuals whose personal information may have been compromised.

At this stage, the OAIC will not pursue an investigation into the personal information handling practices of MediSecure as the possible remedies that we could obtain for the community will not be proportionate to the resources required for a comprehensive investigation. This should not be of comfort to any organisations that hold personal information and do not have appropriate data security policies and practices in place. It demonstrates that organisations need to make protecting individuals' personal information a top priority, as a data breach may destroy an organisation's reputation and cause enormous damage to the community.

The OAIC has welcomed the first tranche of privacy reforms with the introduction of the Privacy and Other Legislation Amendment Bill 2024 yesterday. The Bill would strengthen the OAIC's enforcement toolkit, including through an enhanced civil penalty regime and infringement notice powers.

The Bill would also provide important clarification to the scope of existing security obligations by amending Australian Privacy Principle 11 to expressly require organisations to implement technical and organisational measures (such as encrypting data, securing access to systems and premises, and undertaking staff training) to address information security risks. This amendment will assist in clarifying the OAIC's existing expectations around the scope of measures organisations should be taking into consideration when protecting personal information.

Sharing and Personal Tools

Please select the service you want to use:

Back

View original format

related announcements

News

Politics and Policy

OAIC - Office of the Australian Information Commissioner

Statement on MediSecure data breach

Sharing and Personal Tools