Toll Data Breach – A Warning for Others

Under the banner of chain of responsibility employers in the transport industry are coercing transport operators and drivers to hand over personal and commercially sensitive information e.g. licenses, vehicle data and travel information, without any legal basis to do so. If you do this you are required to keep that information secure. If it leaks you must notify the person who’s information it was and notify the Australian Information Commissioner within 30 days. If you don’t notify you may be up for penalties of up to $360,000 for individuals and $1.8 million for organisations and can be liable for any damages arising from the leak.

I suggest most companies mistakenly collecting information are not aware of this and do not have systems in place to manage a leak. So not only is collecting this information not legally required and a waste of time but poses a very real risk to you and your business. Why on earth would you put yourself in this position. Please stop.