Train staff on privacy risks: OAIC

The Office of the Australian Information Commissioner has called for staff training on how to identify and prevent privacy risks, as financial services recorded the second highest number of data breaches in the third quarter of 2018.

In its report of notifiable data breaches between July and September, the OAIC noted the finance sector was the second worst offender for data breaches with 35 notifications.

Of the sector's breaches, 48% were attributable to human error, while 46% were the result of malicious or criminal attacks - just 6% were due to a system fault.

Australian information commissioner and privacy commissioner Angelene Falk called on organisations and agencies to make privacy training part of business as usual.

"Everyone who handles personal information in their work needs to understand how data breaches can occur so we can work together to prevent them," Falk said.

"Organisations and agencies need the right cyber security in place, but they also need to make sure work policies and processes support staff to protect personal information every day."

She added the OAIC's latest report showed 20% of data breaches over the quarter occurred when personal information was sent to the wrong recipient.

The worst offending industry sector across the quarter was private health service providers, who made 45 reportable breaches to the commissioner. Legal, accounting and management services followed closely with 34, while private education providers and personal services rounded out the top five.

Falk also said Australians need to be alert to phishing scams, noting 20% of all data breaches in the quarter were attributable to phishing.

Read more: Australian Information CommissionerOAICAngelene Falk
Link to something iOmYkAoC