17 Oct 2023

QLD Gov Introduces Data Breach Notification Legislation

The Queensland government has introduced a mandatory data breach notification scheme following a recommendation by the Coaldrake review. The scheme, introduced 15 months after the review, mandates clear, consistent requirements for notifying individuals of data breaches in Queensland government agencies. If a breach is suspected, agencies must take containment steps and have up to 30 days (extendable) to assess the incident. Exemptions exist if notification could compromise cybersecurity. Agencies are required to maintain a breach register and publish a data breach policy, aligning Queensland privacy principles with Australian Privacy Principles.

Return to listing