Australian Information Commissioner announces a notification of MediSecure data breach

May 21, 2024

It is hardly a surprise that MediSecure would make a notification under the mandatory data breach notification provisions of the Privacy Act 1988. It is a very significant data breach involving very sensitive information. Today the Information Commissioner’s Office has announced a preliminary inquiry.

It is interesting that the Privacy Commissioner has used this statement to call for reform of Privacy laws.  That is topical given the Government has announced that it will introduce a Bill into Parliament in August.  By making something more than an anodyne statement the Privacy Commissioner has done something quite new.

The statement provides:

The Office of the Australian Information Commissioner (OAIC) has been notified of the data breach involving MediSecure.

The National Cyber Security Coordinator is working with agencies across the Australian Government, states and territories to coordinate a whole-of-government response to this incident. The OAIC is actively engaging and collaborating with other agencies in this process, with a particular focus on the privacy of individuals and their personal information. Read the rest of this entry »

USA to strengthen Safe Harbour framework for data transfers

March 28, 2014

The Safe Harbour arrangements, in place since 2000, in the United States of America (the “USA”) regarding transfer of personal data from the European Union to the USA has been an imperfect vehicle for ensuring some form of compatibility in the processing of personal information, data protection and free movement of data by US organisations to a standard consistent with the EU Directive 95/46EC.    In November the European Commission issued quite a critical report on the functioning of the Safe Harbour arrangements.  It is found here.  It is, for practitioners in the privacy field, a very useful and informative document.  The conclusions and recommendations are:


Since its adoption in 2000, Safe Harbour has become a vehicle for EU-US flows of personal data. The importance of efficient protection in case of transfers of personal data has Read the rest of this entry »

Verified by MonsterInsights