The warning comes as Australia is likely to require compulsory data breach reporting requirements this year.

‘Based on our experience in other jurisdictions that have introduced mandatory data breach notification, such as the US and the EU, companies that are not adequately prepared are at greater risk of being sued by their corporate customers (for breach of privacy obligations embedded in their customer contracts) and by consumer customers,’ said Adam Salter, partner in Jones Day’s Cybersecurity, Privacy and Data Protection practice.

Take action now

He added that Australian businesses should take action now to ensure they are ready to comply with the law once it takes effect. Key steps are to regularly review and strengthen IT and data security systems, policies, and procedures and prepare for how to report a potential data breach to authorities and customers.  

Sources: Australasian Lawyer; IT Brief