·
Australia’s Notifiable Data Breaches scheme (NDB scheme), which came into effect in late February 2018, ushered in new obligations for Australian Government agencies and private sector organisations that have existing information security obligations under the Australian Privacy Act 1988 (Cth) (the Privacy Act). Among these new obligations, one in particular has proved to be a trip hazard for small- and mid-sized private healthcare providers moving along the path to better privacy management.