Effective breach management assists Whelan Property Group in avoiding or reducing possible harm to its clients to ensure the prevention of data breaches. This Data Breach Policy also describes the principles relating to documentation and communication so that organisational learning occurs in the event of a data breach. Whelan Property Group establishes responsibility and accountability for all steps in the process of addressing information security incidents that may result in data breaches and describes clear roles and responsibilities with the aim of ensuring a comprehensive and well-managed privacy information policy.
Security incidents involve wrongful handling or disclosure of information and can give rise to Data Breaches where personal data of our clients is involved. Although, this policy concentrates on personal data breaches, the policy equally applies to containment, investigation and improvements should a breach occur.
Personal Data Breaches may occur as a result of error, (either in operation or judgement), where the result has been the wrongful disclosure, or loss of private personal data of our clients. All breaches, whether staff related, or system related are covered under this policy.
At Whelan Property Group, appropriate technical and organisational measures are taken to prevent the unauthorised or unlawful processing of personal data and against accidental loss of, or damage to, personal data. All Staff must comply with the principles of data protection law, and confidentiality under the Privacy Act 1988 (Cth) (Privacy Act).
Whelan Property Group, takes all data breaches seriously, however, some incidents will have more severe impact on the data subject. Data breaches take three (3) main forms:
At Whelan Property Group, Data breaches of personal information are immediately reported to Senior Management, who raise an incident report using the CARE approach:
Whelan Property Group, will make contact with parties involved in the Data Breach, to advise.