Survey on data breach response plans
Queenslanders entrust government agencies with their personal information. To maintain this trust, agencies need to handle personal information appropriately, and safeguard it.
All agencies should have a data breach response plan and be able to respond quickly to a data breach. A plan can help limit the consequences of a data breach, including the risk of harm to the individuals whose privacy has been breached. An effective and timely response to a data breach can help preserve the community’s confidence and trust in the agency.
In June 2022, the Queensland Premier indicated that the government will accept all the recommendations from the Coaldrake review. This includes establishing a mandatory data breach notification (MDBN) scheme.
In the ’10 years on’ self-assessment conducted in 2018-19, 68 percent of responding agencies said they had developed, or were developing, a documented process for managing privacy breaches. With an upcoming MDBN scheme, it is timely to reassess this topic and the level of agency readiness.
We have developed a survey to establish a baseline on government agencies’ data breach response plans. The results will provide valuable insights on where we should focus to support agencies meet their obligations under a MDBN scheme.