Audit: CBA to ‘substantially’ overhaul privacy under OAIC undertaking | iTnews

Audit: CBA to ‘substantially’ overhaul privacy under OAIC undertaking | iTnews

Australian Information Security Audit Report June 27 2019

CBA has 90 days to submit plans.

Reported in: iTnews

The Office of the Australian Information Commissioner (OAIC) has accepted a court-enforceable undertaking from the Commonwealth Bank of Australia (CBA) in the wake of investigations into issues with the bank’s handling of customer data.

As part of the undertaking, CBA now has 90 days to develop and submit to the OAIC a work plan and timetable of work to meet address its privacy obligations, including a review of its policies, procedures and data retention standards, while also providing staff training to ensure compliance.

“CBA must also assess its IT services and systems to make sure it takes appropriate steps to control access to customers’ personal information,” the OAIC said.

OAIC Quarterly Data Breach Statistics Report: January 2018 – March 2018

The Office of the Australian Information Commissioner (OAIC) has published the first quarterly report on data breach notifications received under the Notifiable Data Breaches (NDB) scheme, which came into force on 22 February 2018.

Top 5 industry sectors that reported breaches
in the quarter

Top 5 industry sectors NDBs received
Health service providers 15
Legal, Accounting & Management services 10
Finance (incl. superannuation) 8
Education 6
Charities 4

Source: Quarterly Statistics Report: January 2018 – March 2018

Commonwealth Bank accused of misleading Privacy Commissioner | ABC News (Australia)

The Commonwealth Bank has been accused of giving falsified evidence to the Privacy Commissioner over a contractor’s repeated unlawful accessing of a customer’s account.

Source: Commonwealth Bank accused of misleading Privacy Commissioner – ABC News (Australian Broadcasting Corporation)

Concerned about privacy, Australians embrace mandatory data-breach scheme | CSO

Australians are becoming more concerned about their privacy and businesses are signing on for privacy-awareness activities as a result, the government’s information commissioner has noted as figures suggest 40 percent of Australians are uncomfortable with the government using their personal details for research or policy-making purposes.

Source: Concerned about privacy, Australians embrace mandatory data-breach scheme – CSO | The Resource for Data Security Executives