🇦🇺 Australia
Australia's Privacy Act 1988, built around 13 Australian Privacy Principles and overseen by the OAIC, governs personal information handling economy-wide. Financial entities additionally must meet APRA's binding CPS 234 information security standard.
The Privacy Act 1988 regulates how personal information is handled across the Australian economy through 13 Australian Privacy Principles (APPs). It is administered by the OAIC and includes the Notifiable Data Breaches scheme requiring reporting of eligible breaches.
Read the breakdown →CPS 234 is a binding APRA prudential standard, effective 1 July 2019, requiring regulated financial entities to maintain information security capabilities resilient to incidents including cyberattacks. It mandates clear roles, controls, testing and incident notification.
Read the breakdown →