Data breach response plan critical for tax practices: ATO

Tax

The ATO has encouraged tax practices to look into their cyber-security measures as a key priority moving forward, noting they’re among the most at risk of falling victim to data breaches.

22 February 2022 • By Emma Musgrave • 5 minutes read

Share this article on:

Facebook X LinkedIn

In a recent update, the ATO flagged the importance of tax practices preparing for a cyber-security incident.

“Cyber criminals will often target tax practices because they hold large amounts of client information. That’s why it’s important to have a data breach response plan in place,” the ATO said.

You’re out of free articles for this month

Username or Email

Password Forgot password?

Keep me signed in on this device.

First Name

Last Name

Mobile

Organisation Type

By becoming a member, I agree to receive information and promotional messages from Accountants Daily. I can opt out of these communications at any time. For more information, please visit our Privacy Statement.

Need help signing up? Visit the Help Centre.

The ATO recommended employers look into guidance directed by the Office of the Australian Information Commissioner (OAIC) and ensure they have an appropriate data breach response plan in place that includes the following:

Clear escalation procedures and reporting lines for suspected breaches
Processes that outline when and how affected individuals are notified
A record-keeping policy to ensure breaches are documented
Strategies to identify and address any data-handling weaknesses that could have contributed to the breach

“You should regularly review and test your plan and make improvements as necessary,” the ATO flagged.

“A plan like this will help you act quickly and minimise harm in the unfortunate event that a data breach does occur.

“If you are governed by the Privacy Act 1988, you should also know your obligations under the Notifiable Data Breaches Scheme. This scheme requires regulated entities to notify the Office of the Australian Information Commissioner and specific individuals about any data breaches that are likely to result in serious harm.”

Tags:

You need to be a member to post comments. Become a member for free today!

Emma Musgrave

AUTHOR

Emma Ryan is the deputy head of content at Momentum Media and editor of the company's legal publication, Lawyers Weekly.

Emma has worked for Momentum Media since 2015 and has been responsible for breaking some of the biggest stories in corporate Australia. In addition, she has produced exclusive multimedia and event content related to the company's respective brands and audiences.

A journalist by training, Emma has spent her career connecting with key industry stakeholders across a variety of platforms, including online, podcast and radio. She graduated from Charles Sturt University with a Bachelor of Communications (Journalism).

know more

You are not authorised to post comments.

Comments will undergo moderation before they get published.

MENU

MORE

Data breach response plan critical for tax practices: ATO

Emma Musgrave

You are not authorised to post comments.