Commonwealth Consolidated Acts

[Index] [Table] [Search] [Search this Act] [Notes] [Noteup] [Previous] [Next] [Download] [Help]


Simplified outline of this Part

  This Part sets up a scheme for notification of eligible data breaches.

  An eligible data breach happens if:

  (a)   there is unauthorised access to, unauthorised disclosure of, or loss of, personal information held by an entity; and

  (b)   the access, disclosure or loss is likely to result in serious harm to any of the individuals to whom the information relates.

  An entity must give a notification if:

  (a)   it has reasonable grounds to believe that an eligible data breach has happened; or

  (b)   it is directed to do so by the Commissioner.

  The Commissioner may obtain information or documents in relation to actual or suspected eligible data breaches.

AustLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback