
Update: First civil penalty judgment under the Privacy Act is imminent

James Buesing
September 30, 2025

On Monday 29th September, Australian Clinical Labs announced that it had reached an agreement with the Australian Information Commissioner (AIC) to resolve civil penalty proceedings relating to the cyberattack on Medlab Pathology in February 2022, which affected 223,000 customers.

The penalties total $5.8 million for contravening the Privacy Act 1988, with a further $400,000 towards the AIC's legal costs.

“It will be particularly interesting for some further insight on the calculation of penalties to be shared and I’m sure the community will be waiting to learn more as things develop,” said Lucas Roe, Head of GRC, Infotrust.

"The first civil penalty judgement under the Privacy Act will mark a pivotal moment for the data protection and privacy space in Australia. It sends a clear message: the era of passive compliance is over. The regulatory landscape is evolving rapidly, and organisations that fail to act risk not only reputational damage, but financial penalties. It’s time to move from reactive to proactive privacy management," explains Dean Thomson, Head of Data Protection and Privacy Services, Infotrust.

WHY GRC AND DATA PROTECTION & PRIVACY CAPABILITY MATTERS

GRC brings legal, governance and risk management expertise, helping clients with the who, the what and the why of compliance with the Privacy Act, its principles and their supporting policies (if defined). We also help to design or assess an Information Security Management System and to define the “who”, “what” and “why” of security and privacy goals.

Infotrust is uniquely positioned to support organisations in navigating the evolving data risk landscape through its dedicated investment in a specialised Data Protection & Privacy Services team. This multidisciplinary services overlay delivers comprehensive, end-to-end outcomes, integrating Advisory, GRC, Technical and Managed Services, to help clients proactively manage privacy obligations, reduce regulatory exposure, and build effective data protection capabilities.

References

ASX Announcement - https://ir.miraqle.com/DownloadFile.axd?file=/Report/ComNews/20250929/02999945.pdf