The Office of the Australian Information Commissioner (OAIC) has recently released its quarterly report for the notifiable data breaches for the period 1 October to 31 December 2018.
The total number of notifiable data breaches was similar to the previous quarter, but did have a slight increase from 245 to 262. In the vast majority of cases the number of individuals affected was less than 1,000, with 60% of breaches impacting less than 100 individuals. On the other hand, only four of the 262 notifiable data breaches recorded last quarter affected over 100,000 people.
Health service providers again topped the list of number of notifiable data breaches when considered by sector. Approximately 21% of the data breaches in the last quarter occurred in the health sector. For health service providers, about half were caused by human error while the other half were as a result of malicious or criminal attack.
The health sector is likely to frequently appear in these OAIC reports as the personal information the health sector deals with is particularly sensitive and more likely to meet the requirements to require mandatory notification of a data breach.
Read the full OAIC report and summary of key findings here.