Most Tas councils must comply with NDB scheme

Most Tasmanian councils need to be compliant with the new federal Notifiable Data Breach scheme, the Local Government Association Tasmania (LGAT) has warned.

While the NDB scheme does not generally apply to state or territory authorities, one of the few exceptions relates to recipients of tax file numbers.

Most councils in Tasmania hold tax file numbers and are therefore required to comply with the scheme, LGAT stated in its latest newsletter.

Councils that jointly hold personal information with service providers or other third parties may also need to be prepared for the scheme, as service providers may be required to report eligible breaches of all personal information.

LGAT called on councils to set up reporting arrangements with their providers to ensure compliance and help protect their reputation in the event of a breach.

Councils must also identify any information assets that contain tax file numbers, such as recruitment, payroll, personnel, banking or superannuation files, as well as any jointly held information assets.

They should also seek legal advice to incorporate reporting arrangements into new contracts with service providers, and review existing incident response plans for compliance with the scheme.

The LGAT also noted that Tasmania’s Office of the State Archivist and Office of eGovernment are developing guidance covering information asset registers and whole-of-government incident response plans.

Image credit: ©stock.adobe.com/au/Brian Jackson

Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.