Data Breach Management: Guide & Toolkit 

This publication provides in-depth guidance on developing a data breach incident response management framework. Intended for use by entities of all sizes, including public companies, government agencies and private organisations, the product is designed to assist in achieving best practice standards, including compliance with relevant ISO Standards and federal Privacy Commissioner guidelines.

The guide enables users to develop a management framework from inception through to conclusion in a structured and methodical manner. It includes commentary on policies, processes and compliance measures to adopt, practice tips, sample documents and forms, extensive checklists and guidance on risk assessment criteria.

The guide is written using concise language with a practical focus to enable users to readily understand requirements and to efficiently develop a data breach incident response management framework.

This product compliments, and can be purchased as a pack with, the Data Breach Notification Scheme: Guide & Toolkit (which provides a guide to the legal requirements of the mandatory data breach notification scheme under the Privacy Act).


  Data Breach Management Policy and preparatory measures, including:
     o  establishing an incident response team
     o  reviewing service provider and client contracts
     o  register of regulatory compliance obligations (laws, codes and standards)
     o  register of contractual obligations
     o  register of external experts (legal, IT, computer forensic analysts, PR firms etc)
     o  chain of custody of evidence (to preserve the integrity of evidence)
     o  insurance requirements

  Data Breach Response Plan, covering:
     o  incident reporting
     o  preliminary assessment
     o  containment
     o  collection and preservation of evidence
     o  gathering and storing of evidence
     o  incident investigation
     o  risk assessment criteria
     o  internal reporting and documentation requirements
     o  incident activity log
o  vulnerability elimination and resumption of operations
     o  notification to Commissioner and individuals (mandatory and voluntary)
     o  managing undelivered notices 
  notification to other affected entities
o  reporting to other authorities
     o  response and remedial measures
  disciplinary action
     o  post-incident review
     o  litigation preparation

  Supplier and client contracts, covering:
     o  compliance with mandatory data breach notification laws
     o  incident reporting and updating
     o  duty to contain and remediate a breach
     o  responsibilities for notification and communications
     o  assistance with investigations
     o  right to sub-contract
  costs of remedial measures
     o  indemnities
     o  insurance coverage

  Data Breach Management Policy tools
     o  4-page checklist with guidance
     o  3-page sample policy

  Data Breach Response Plan tools
     o  5-page checklist with guidance
     o  8-page sample plan (including reporting forms, assessment forms, registers and logs)

  Contractual issues
     o  2 x page checklist with guidance




The work is authored by Jeremy Douglas-Stewart. Jeremy is a specialist privacy consultant advising businesses and government on privacy laws and data management practices. He has been recognised as a leading privacy lawyer in Australia. Jeremy has published extensively in the field of privacy and is author of a national privacy law loose-leaf service. He was a member of the Privacy Commissioner's Consultative Group during the review of the Privacy Act in 2004/05 and of the Australian Law Reform Commission's Privacy Principles Roundtable in 2007. Jeremy regularly delivers privacy training workshops around Australia.


Option 1

> Data Breach Management Framework Guide & Toolkit - $625 + GST

   - 15% discount if you have attended the Data Breach Notification Scheme Training 
      Workshop (enter the coupon code "DBPack" when ordering)
   - Multi-copy discounts - 2 copies, 10%; 3 copies, 17.5%; 4+ copies - 25%

Option 2

> Data Breach Management Framework: Guide & Toolkit + Data Breach Notification
   Scheme: Guide & Toolkit - $840 + GST

   - includes 20% package discount
   - multi-copy discounts - 2 copies, 10%; 3 copies, 17.5%; 4+ copies - 25%



Other data privacy products
> Data Breach Notification Scheme: Guide & Toolkit
Data Breach Notification Scheme Training Workshop

Online Privacy Training 
Australian Privacy Law Handbook



How to Order

------- OPTION 1 -------

Data Breach Response Framework: Guide & Toolkit

1. Order online

2. Download & fax form to 08 8180 1880


------- OPTION 2 -------

Data Breach Response Framework:
Guide & Toolkit

Data Breach Notification Scheme:
Guide & Toolkit

(includes 20% pack discount)

1. Order online 

2. Download & fax form to 08 8180 1880



This product is sold subject to the Standard terms for looseleafs and books



































 View Pffffff