Commonwealth Consolidated Acts Commonwealth Consolidated ActsA relevant entity for a critical infrastructure asset may make a record of, use or disclose protected information if:
(a) the protected information was obtained, generated or adopted by the entity for the purposes of complying with this Act; and
(b) the entity makes the record, or uses or discloses the information, for the entity's business, professional, commercial or financial affairs.
Note: This section is an authorisation for the purposes of other laws, including the Australian Privacy Principles.