Earlier this year the National Data Breach Scheme came into force. The purpose of this was to ensure that the government had a handle on the ever increasing threat to business (and clientele thereof) from Cyber Attacks and in particular Privacy Breaches. Under the scheme there are a number of requirements which firms have to abide by in the event that they incur a privacy breach. One of these is that they must notify the commissioner of the breach (and follow through on their requirements) as well as all of the clients the business has. In terms of a ‘real’ cost this works out to be approx. $139 per record (client information) held, although this doesn’t factor in the reputational damage which can be incurred from this.
To ascertain what businesses need to comply with the scheme the government released a set of questions (https://www.oaic.gov.au/agencies-and-organisations/business-resources/privacy-business-resource-10). One of these questions pertained to Realtors, specifically if you held a residential tenancy database. As how I read this it would make Realtors fall under the scheme and therefore require them to comply with the scheme. As such this poses additional issues for a business, in particular, if they have a breach how will they finance the cost of not only the reporting, but all of the investigative work required within their systems and the cost of undoing any issues. Not to mention any fines which the commission may hand down.
With the above in mind I think that it is paramount that Realtors have in place Cyber Liability Insurance. Cyber Insurance provides cover to both the business and third parties but crucially includes notification costs within the insured limit. Cyber Insurance policies start as low as a few hundred dollars.
There is no requirement for businesses to hold the cover however we would see this as one of the main uninsured (and generally unthought of) exposures to all business, not just Realty.
Any questions please feel free to call Colne Risk Advisory on 1300 395 755