Data Breach Response Guide & Toolkit (Australia) 

 For a global version of this guide and toolkit, see Data Breach Response Guide & Toolkit (Global)


Description

This publication provides in-depth guidance and tools to assist in developing a data breach response management framework (DBRM Framework) in accordance with international standards and Privacy Commissioner guidelines.

The text aims to enable organisations to rapidly develop and implement robust DBRM Frameworks suited to their circumstances in a structured and methodical manner. It provides extensive guidance on the development of a: 

  • Data Breach Management Policy (DBM Policy) – to establish a framework (eg policies, systems, controls and incident response team) for preparing for and managing incidents; and
  • Data Breach Response Plan (DBR Plan) – to establish procedures for managing incidents in a standardised manner and in accordance with regulatory obligations.

The guide provides comprehensive guidance on key steps that should be covered in a DBM Policy and a DBR Plan, including checklists and decision-making criteria to be used in assessing risks and determining remedial measures. 

The guide contains a detailed sample DBM Policy and sample DBR Plan providing working examples of provisions, forms, procedures and processes that can be readily adapted to suit an organisation’s specific circumstances.

The guide also shows how DBRM Frameworks can be linked in with pre-existing data security frameworks and mandatory data breach notification obligations.

The product complements, and can be purchased as a pack with, the Data Breach Notification Scheme Guide and Toolkit (which provides a guide to the legal requirements of the mandatory data breach notification scheme under the Privacy Act 1988 (Cth)).

Contents

Introduction
     What constitutes a “data breach”?
     Statistics – Causes and costs of data breaches
     Key elements of a management framework
Data Breach Management Policy
     Checklist and guidance
          Purposes
          Scope of policy
          Data breach response team
          Register of data breach regulatory compliance obligations
          Register of data breach contractual obligations
          Register of data breach service providers
          Data inventory
          Contracts
          Insurance
          Detection, audit and response measures
          Incident reporting
          Prohibition on remedial measures by non-authorised personnel
          Data Breach Response Plan
          Communications
          Data breach incident activity log
          Litigation preparation
          Staff training
          Enforcement
          Hardcopy of Policy and Data Breach Response Plan
          Related policies and procedures
     Sample policy
Data Breach Response Plan
     Introduction
     Checklist and guidance
          Objectives
          Scope of plan
          Incident reporting
          Confirmation or denial of breach
          Containment
          Preliminary assessment
          Evidence gathering
          Investigation
          Vulnerability elimination
          Assistance measures to affected individuals
          Communications plan
          Notification (Mandatory) – Individuals and data protection authorities
          Notification (Voluntary) – Individuals and data protection authorities
          Notification – Other authorities and regulatory bodies
          Notification – Other affected entities
          Brand recovery strategy
          Disciplinary action
          Post-incident review
          Documentation
          Sequence of steps
          Related policies and procedures
     Sample plan

Format

Hardcopy

Author

by Presidian Legal Publications

This publication is authored by Presidian Legal Publications’ data privacy law writers. Presidian is a leading publisher of data privacy law resources in Australia, with extensive experience in publishing authoritative and up-to-date data privacy products for lawyers, government and businesses, including a loose-leaf subscription service, books, training workshops and online compliance training courses. With many of Presidian's services being developed in conjunction with some of Australia's most respected legal experts, Presidian has earned the reputation of a trusted provider of high-quality legal information products to the legal and business communities.

Cost

$495 + GST

Discounts

Multiple-copy discounts: 2 copies, 30%; 3 copies, 35%; 4+ copies, 40%
Pack discount: 20% when ordered with Data Breach Notification Scheme Guide and Toolkit

How to order

Data Breach Response Guide and Toolkit only

1. Order online
2. Download & fax form to 08 8180 1880

Data Breach Response Guide and Toolkit + Data Breach Notification Scheme Guide and Toolkit (PACK) (incl 20% discount)

1. Order online
2. Download & fax form to 08 8180 1880
 

 

This product is sold subject to the Standard terms for looseleafs and books.

 


Other data privacy products

Data Breach Notification Scheme Guide & Toolkit
Data Breach Notification Scheme Training Workshop
Online Privacy Training 
Australian Privacy Law Handbook
