Breaching Boundaries: Improving Data Breach Notifications in Australia
| Field | Value | Language |
| dc.contributor.author | Andrew, Jane | |
| dc.contributor.author | Baker, Max | |
| dc.contributor.author | Bowyer-Pont, Penelope | |
| dc.date.accessioned | 2024-08-22T02:10:36Z | |
| dc.date.available | 2024-08-22T02:10:36Z | |
| dc.date.issued | 2024-08-22 | |
| dc.identifier.uri | https://hdl.handle.net/2123/32980 | |
| dc.description.abstract | This report presents the findings from an ARC-funded research project examining organisational data breach disclosure practices in Australia. The research sought to understand how organisations navigate the increasingly important and challenging areas of information security, privacy, data breaches, and breach disclosure and notification. We conducted in-depth, semi-structured interviews with 50 senior personnel from organisations including large for-profit entities, key not-for-profits and government agencies at both a state and federal level. We interviewed senior executives and personnel working in information security, privacy, cybersecurity, data management, risk, and compliance roles. In this report we present ten key findings from our interview analysis. For each finding we suggest recommendation(s) that, if implemented, support an improved disclosure regime and can help guide organisational best practice as data breach notification assessments are made. | en_AU |
| dc.language.iso | en | en_AU |
| dc.rights | Creative Commons Attribution-NonCommercial 4.0 | en_AU |
| dc.subject | Data breaches | en_AU |
| dc.subject | Breach notification | en_AU |
| dc.subject | Cybersecurity | en_AU |
| dc.subject | Information security | en_AU |
| dc.subject | Privacy regulation | en_AU |
| dc.title | Breaching Boundaries: Improving Data Breach Notifications in Australia | en_AU |
| dc.type | Report, Research | en_AU |
| dc.subject.asrc | ANZSRC FoR code::46 INFORMATION AND COMPUTING SCIENCES::4604 Cybersecurity and privacy::460402 Data and information privacy | en_AU |
| dc.subject.asrc | ANZSRC FoR code::46 INFORMATION AND COMPUTING SCIENCES::4604 Cybersecurity and privacy::460403 Data security and protection | en_AU |
| dc.subject.asrc | ANZSRC FoR code::35 COMMERCE, MANAGEMENT, TOURISM AND SERVICES::3501 Accounting, auditing and accountability::350199 Accounting, auditing and accountability not elsewhere classified | en_AU |
| dc.subject.asrc | ANZSRC FoR code::35 COMMERCE, MANAGEMENT, TOURISM AND SERVICES::3507 Strategy, management and organisational behaviour::350710 Organisational behaviour | en_AU |
| dc.subject.asrc | ANZSRC FoR code::48 LAW AND LEGAL STUDIES::4807 Public law::480706 Privacy and data rights | en_AU |
| dc.identifier.doi | 10.25910/psq3-q365 | |
| dc.relation.arc | DP220101405 | |
| usyd.faculty | SeS faculties schools::The University of Sydney Business School::Discipline of Accounting, Governance and Regulation | en_AU |
| workflow.metadata.only | No | en_AU |
Associated file/s
Associated collections