What are the consequences for your agency if responsible for a breach?

Privacy and Security
Written By Noni McDonald

O*NO you’ve had a data breach! How will this impact your agency and brand? What are the consequences attached to the breach?

  • Leave you open to a complaint to the Privacy Commissioner (OAIC). This can involve disciplinary action and significant financial penalties.

  • Damage your professional reputation. Your agency can cop negative publicity. Just think about the power of social media here!

  • Affect your relationship with customers or clients. Your business could lose out, even if you are not held accountable to the Privacy Commissioner or the media.

Businesses Operations Costs

IBM’s 2019 Cost of a Data Breach Report reveals significant business operations costs in the wake of a data breach. These costs are disproportionally high for small businesses.

IBM’s study looked at business activities necessary to resolve a data breach, including investigation, assessment, organising the response team, preparing notice documents, training, and engaging external services. Other cost factors included loss of brand equity, customer turnover, and drain on employee productivity.

Taking all these into account, IBM found the average cost of a data breach for the participating Australian companies was $3 million AUD, and the cost per lost record $160 AUD. Loss of consumer trust was the biggest cost factor overall.

If your agency is found to have had a notifiable data breach that was not reported within 30 days you could be fined up to $2.1 mil. It is important that you understand what a notifiable data breach means and take immediate action if one occurs. Do nothing, you will cop the fine !

Preventing Serious Harm

Businesses taking preventative measures such as encryption, data breach training, and forming a data breach response team & response plan, are able to take swift remedial action in the event of a breach. This can reduce the risk of harm to any individuals whose data was breached, prevent damage to the business’s reputation, and lower operations costs.

Does your agency have its Privacy Policy and response plan in place ?

Takeaway

A data breach will be serious if it is it likely to result in serious harm. Serious harm may hang upon many factors, but can take forms of psychological, emotional, physical, reputation or financial harm.

We can get an idea of how serious a data breach is by considering factors such as the types of information and who could get hold of it, circumstances of sensitivity, and numbers of people affected.

It is better to steer on the side of caution, remembering that while minor data breaches may not seem serious, the upshot could be. This is all the more likely if the breach remains unaddressed.

Of course, not all data breaches will cause serious harm. But all data breaches in Real Estate should be taken seriously. Think about the information you hold for tenants and landlords and the impact their profile being stolen could have on the individual.

Your next steps

Not sure if your agency has the ‘PRIVACY MUST HAVES’ ? Book a FREE 10min call with one of our privacy experts !


Boring legal stuff: This article is general information only as cannot be regarded as legal, financial or accounting advice and it does not take into account your personal circumstances. For tailored advice, please contact us.

 

Noni McDonald
Previous

Will my current management agreement hinder the sale of my rent roll?

Next

How serious is a data breach?