New Notifiable Data Breach laws

New data breach laws come into effect

New data breach rules in effect from 22 February 2018 place an onus on business to protect and notify individuals whose personal information is involved in a data breach that is likely to result in serious harm.

privacyIn October last year, almost 50,000 employee records from Australian Government agencies, banks and a utility were exposed and compromised because of a misconfigured cloud-based 'Amazon S3 bucket'. AMP was reportedly one of the worst affected with 25,000 leaked employee records. ITNews reports that the data breach was discovered by a Polish researcher who conducted a search for Amazon S3 buckets set to open, with "dev", "stage", or "prod" in the domain name. One contractor appears to be behind the breach.

In October 2016, the details of over half a million Red Cross blood donors were inadvertently exposed after a website contractor created an insecure data backup. In the US, a massive data breach exposed the credit records (including social security records) of over 145 million Americans – all because an IT worker didn't open an email about a critical patch for their software. 

Regardless of how good your existing systems are, data breaches are a reality either through human error, mischief, or simply because those looking for ways to disrupt are often one step ahead. But it's not all about IT, there have been numerous cases of hard copy records being disposed of inappropriately, employees allowing viruses to penetrate servers after opening the wrong email, and sensitive data on USBs lost on the way home.

Who is covered by the data breach scheme?
The Notifiable Data Breach (NDB) Scheme affects organisations covered by the Privacy Act - that is, organisations with an annual turnover of $3 million or more. But, if your business is 'related to' another business covered by the Privacy Act, deals with health records (including gyms, child care centres, natural health providers, etc.,), or a credit provider etc., then your business is also affected (see the full list). Special responsibilities also exist for the handling of tax file numbers, credit information and information contained on the Personal Property Securities Register.

What you need to do
It's important to keep in mind that complying with these new laws means more than notifying your database when something goes wrong. Organisations are required to take all reasonable steps to prevent a breach occurring in the first place, put in place the systems and procedures to identify and assess a breach, and issue a notification if a breach is likely to cause 'serious harm'.

Taking all reasonable steps – assessing risk
The Privacy Act already requires organisations to take all reasonable steps to protect personal information. The new data breach laws merely add an additional layer to assess breaches and notify where the breach poses a threat. For example, if you have not already, you should assess issues such as:

  • How personal information flows into and out of your business. For example:
    • What information do you gather (including IP data from websites)
    • What information do you provide (for example, do you provide information on your clients to third parties?)
    • Where private information is stored – map out what systems you use, where these systems store data (if cloud-based, your data may be held in a foreign country), what level of security is provided within those systems, and what level of access each team member has (and what they should have access to for their role)
  • How private information is handled by your business across its lifecycle and who has access at each stage (not just who is accessing the information for their work but who 'could' access this information)
  • Possible impacts on an individuals' privacy (risk assessment)
  • The policies and procedures in place to manage private information, including risk management and mitigation, whether these are adhered to, and actively managed
  • The policy review process - review policies and procedures at least annually but again with the introduction of new systems and technology. Remember, you can't just have a policy sitting somewhere, it needs to be actively reinforced and adopted by team members
  • Instate new project protocols for ensuring privacy where personal information is at risk
  • Document everything including your reviews and procedural updates even if nothing changed. If there is ever an issue where your business's culpability is assessed, your capacity to prove that you took all reasonable steps will be important.

When it comes to data breaches, all organisations must have a data breach response plan. The data breach plan covers the:

  • Actions to be taken if a breach is suspected, discovered or reported by a staff member, including when it is to be escalated to the response team
  • Members of your data breach response team (response team), and
  • Actions the response team is expected to take.

The Office of the Australian Information Commissioner provides a sample breach response plan.

Connect with @CollinsHume on Facebook Google MyBusiness Instagram LinkedIn Ballina Byron Bay Lismore 02 6686 3000

REINVENT Playing a Bigger Game 15 March

Event a mammoth coup for every business in our region
Save the date for REINVENT Playing a Bigger Game on 15 March 2018

REINVENT Playing a Bigger GameCollins Hume have arranged for one of the world's leading business thinkers and speakers, Paul Dunn, to present a stunning two-part business-building event in Ballina on 15 March.

Paul will touch down from his worldwide headquarters in Singapore to present live what he calls 'REINVENT: Playing a Bigger Game'. 

Stacked full of new insights for you and your business.
Paul has presented as a TEDx speaker on multiple occasions, so when he comes to town for a unique event, we need to let everyone know about it.

Many people experienced Paul's Unleash the Power of Small in Ballina last year and never resonated so much with a speaker before. On top of that, Paul has a gift for helping business owners take their businesses to new heights. And he helps them embed new meaning and purpose into their businesses that's fast-paced and very different.

The magic of this event (live on Thursday 15 March) is that Paul gives our local business owners insight after insight in the most inspiring of ways in what he calls simple to implement = profound results.

You'll learn that almost all of the ideas are zero-cost-to-implement for you to apply. And we hope you'll see some differences instantly.

Talking of making a difference, this will be an incredibly special opportunity to seriously build your business, your revenues and your profits. 

Save the date – we hope you can join us.
'REINVENT: Playing a Bigger Game' will be held at Ballina RSL on 15 March 2018. Doors open at 8.40AM and tickets include refreshments. Tickets are $49 for the morning session and $89 for the afternoon session which includes a light lunch, available from or by calling Collins Hume on 02 6686 3000.

Small Business Super Clearing House

ATO's new look SBSCH here in Feb

On 26 February, the Small Business Superannuation Clearing House (SBSCH) service will join the ATO's online services Business Portal.

superannuationTo manage the transition, the SBSCH will be unavailable from Tuesday 20 February 2018 to Sunday 25 February 2018 inclusive. During this time the ATO will be transferring your data across to the new system.

Super contribution payments in the old system must be completed prior to 3pm AEDT Monday 19 February 2018.

The super guarantee quarterly contribution deadlines remain unchanged and the next payment date is 28 January.

To access the new system you must obtain an authentication credential, either an AUSkey or Manage ABN Connections via myGov, to login to the Business Portal. More than 100,000 users of the SBSCH have obtained an authentication credential and are ready to use the clearing house when it joins the portal.

If your tax professional uses the SBSCH on your behalf, they will continue to manage your super obligations on your behalf through their online channel.

If you are a sole trader or individual employer, you will need to register via your myGov account and link to our online services.

If you are looking for an alternative to the SBSCH, contact your super fund to discuss options to paying super contributions or call Collins Hume in Ballina, Byron Bay or Lismore on 02 6686 3000.

Connect with @CollinsHume on Facebook Google MyBusiness Instagram LinkedIn Ballina Byron Bay Lismore 02 6686 3000

CH 2018 NRL footy tipping comp

Your chance to be part of the fun 

Join our FREE Collins Hume NRL Footy Tipping competition, where you can win some great prizes!

footy tipping comp5 easy steps to enter 

  1. Go to
  2. Click the 'REGISTER' button if you don't already have an account with
  3. Once you have successfully registered login and, click the JOIN COMP button.
  4. Enter the Comp # and Comp Password details below.
  5. DONE! 

Competition details

  • Comp Name: Collins Hume 2018 NRL
  • Comp#: 103098
  • Comp Password: CH1234
  • Comp Type: FREE
  • Comp Starts: 8 March 2018
  • Manager's Name: Jamie Doyle
  • Manager's Email:

*** TIP CUT-OFF TIME for our comp is 5-minutes before the match each week. ***

Prize information

  • First prize $150 cash and $100 to the charity of your choice
  • Second prize $100
  • Third prize $50
  • Knockout Comp Winner $100 cash and $100 to the charity of your choice

Good luck! We look forward to announcing winners at the end of the season.

Connect with @CollinsHume on Facebook Google MyBusiness Instagram LinkedIn Ballina Byron Bay Lismore 02 6686 3000New Post

REINVENT Playing a Bigger Game

Ballina accountants to hold second business-building event
Don't miss your chance to take part in a local business event like no other, and give back to charity by doing so.

REINVENT Playing a Bigger GameOn Thursday 15 March 2018 Collins Hume Accountants and Business Advisers will host a repeat visit from TedX veteran presenter, Paul Dunn, for another special, one-off business building session at Ballina RSL called 'REINVENT: Playing a Bigger Game'.

This year's event will feature a general session in the morning, then a 'Going Deeper' session with lunch included for businesses who wish to stay in the afternoon and delve further into their business potential.

Organiser David Keith said tickets are limited, so interested business owners should register now to avoid disappointment given the popularity of Collins Hume's 2017 event, Unleash the Huge Power of Small, which was a sell-out and raised $18,000 for charity.

"Northern Rivers businesses will be winners on the day. Business owners who experienced Paul's presentation last year say it is the best business event they've attended," said David Keith. "This event is a must for growth-oriented businesses."

"We're really trying to give local businesses a leg up. Paul Dunn is known for his business building insights using incremental yet powerful ideas that seriously make a difference to any business." 

"We're very excited about Paul again being our keynote speaker and thrilled to be supporting local business operators as well as charities in our local area," said David. "We want as many businesses to come along which is why ticket prices are ridiculously low. All proceeds from ticket sales will be going to charity so it really is a win-win."

A 2017 attendee added, "As soon as I had my first meeting with Collins Hume, I knew they were different. My wife insisted that I come along today and I'm very glad that I did. I'm impressed at how well this seminar has come together!"

'REINVENT: Playing a Bigger Game' will be held at Ballina RSL on 15 March 2018. Doors open at 8.40AM and tickets include refreshments. Tickets are $49 for the morning session and $89 for the afternoon session which includes a light lunch, available from or by calling Collins Hume on 02 6686 3000.

Copyright 2018. Collins Hume Ballina Byron Bay Lismore NSW

What’s changing in 2018?

What's on the cards for 2018? 


We highlight major changes for 2 financial-year milestones - Jan and July - most of which we covered in 2017. 


2018Take a moment to refamiliarise, especially the 10 major changes that kick off in July 2018.

1 January 2018
  • Vacancy fees for foreign acquisitions of residential land An annual vacancy fee imposed on foreign owners of residential real estate if the property is not occupied or genuinely available on the rental market for at least 183 days in a particular 12 month period. Foreign owners can avoid the fee by living in the property (or have a family member live in the property), leasing the property, or making it available for rent, for a total of 183 days in a 12 month period. Short term letting arrangements often won't be sufficient to avoid the levy.
  • CGT concession for investments in affordable housing The CGT discount will be increased for individuals who choose to invest in affordable housing. The current 50% discount will increase by 10% to 60% for resident individuals who elect to invest in qualifying affordable housing. Non-residents are not generally eligible for the CGT discount. This change is not yet legislated.

1 July 2018

  1. Super concessions for downsizers come into effect If you are over 65, have held your home for 10 years or more and are looking to sell, you can contribute a lump sum of up to $300,000 per person to superannuation without being restricted by the existing non-concessional contribution caps - $100,000 subject to your total superannuation balance - or age restrictions.
  2. Using super to save for your first home The first home savers scheme will enable first-home buyers to save for a deposit inside their superannuation account, attracting the tax incentives and some of the earnings benefits of superannuation. Home savers can make voluntary concessional contributions (for example by salary sacrificing) or non-concessional contributions (voluntary after-tax contributions) of $15,000 a year within existing caps, up to a total of $30,000. When you are ready to buy a house, you can withdraw those contributions along with any deemed earnings in order to help fund a deposit on your first home.
  3. GST on low value imported goods GST will apply to retail sales of low value physical goods ($1,000 or less) that have been imported into Australia and sold to consumers.
  4. Who pays the GST on residential property & subdivisions Property developers will no longer manage the GST on sales of newly constructed residential properties or new subdivisions. Instead, the Government will require purchasers to remit the GST directly to the ATO as part of the settlement process. This change is not yet legislated.
  5. $20k immediate deductions threshold for assets purchased by businesses with an aggregated turnover of under $10 million ends 30 June 2018.
  6. Taxable payments reporting system extended to couriers & cleaners Businesses in the courier and cleaning industries will need to collect information from 1 July 2018, with the first annual report required to be lodged in August 2019.
  7. Single Touch Payroll reporting starts for employers with 20 or more employees. Employers will report payments such as salaries and wages, PAYG withholding and super information directly to the ATO from their payroll system at the same time they pay their employees.
  8. Closing salary sacrifice loopholes to reduce super guarantee Loopholes that enable employers to reduce the Superannuation Guarantee (SG) contributions owed to employees by using salary sacrifice contributions will be closed. This change is not yet legislated.
  9. Access to reduced company tax rate limited Limits access to the 27.5% company tax rate by replacing the existing 'carrying on a business test' with a passive income test. Under the new rules, a company will not be able to access the reduced company tax rate if more than 80% its assessable income is passive in nature. This change is not yet legislated. 
  10. Wine equalisation tax rebate tightened eligibility Wine producers will be required to own at least 85% of the grapes used to make the wine throughout the winemaking process and brand wine with a trademark.

Keep up to date throughout the business year on the Collins Hume blog or download our free, handy app.

Connect with @CollinsHume on Facebook Google MyBusiness Instagram LinkedIn Ballina Byron Bay Lismore 02 6686 3000