Investigation into Medibank launched, could face millions in fines
An investigation has been opened into the Medibank data breach, which could result in heavy fines.
The health insurer’s personal information handling practices will be investigated by the Office of the Australian Information Commissioner (OAIC).
In a statement, the OAIC said the investigation will focus on “whether Medibank took reasonable steps to protect the personal information they held from misuse, interference, loss, unauthorised access, modification or disclosure.”
“The investigation will also consider whether Medibank took reasonable steps to implement practices, procedures and systems to ensure compliance with the Australian Privacy Principles (APPs).”
If the findings of the investigation reveal that this is a serious or repeated breach, Medibank could face penalties of $2.2 million for each violation.
In response to several data breaches, the Australian Government recently passed a bill to increase penalties for such offenses from $2.2 million to $50 million.
Although Medibank will not be affected by the new laws, organisations should evaluate the current methods they use to protect the data they collect.
Do you know your cyber security capabilities and your level of risk? Do you have a clear plan for improving your capabilities? Would you know what to do if you had a cyber security incident?
If you are concerned about these new penalties and don’t understand what your level of risk is, request a free assessment below to start your journey on protecting your company, employees and customers.