Hacked companies off the hook under new Australian privacy laws

The Office of the Australian Information Commission (OAIC) has confirmed it won’t hold organisations accountable for the exposure of personal information when accessed via a cyber attack, as long as the Office is satisfied with the level of security in place within the targeted systems.

New privacy rules strengthening the enforcement power of the OAIC come into effect in 12 March 2014.