New South Wales Consolidated Acts
[Index]
[Table]
[Search]
[Search this Act]
[Notes]
[Noteup]
[Previous]
[Next]
[Download]
[History]
[Help]
PRIVACY AND PERSONAL INFORMATION PROTECTION ACT 1998 - SECT 59D
Meaning of eligible data breach and affected individual
(1) For the purposes of this Part, an
"eligible data breach" means-- (a) there is unauthorised access to, or
unauthorised disclosure of, personal information held by a
public sector agency and a reasonable person would conclude that the access or
disclosure of the information would be likely to result in serious harm to an
individual to whom the information relates, or
(b) personal information held
by a public sector agency is lost in circumstances where-- (i) unauthorised
access to, or unauthorised disclosure of, the information is likely to occur,
and
(ii) if the unauthorised access to, or unauthorised disclosure of, the
information were to occur, a reasonable person would conclude that the access
or disclosure would be likely to result in serious harm to an individual to
whom the information relates.
(2) An individual specified in subsection
(1)(a) or (1)(b)(ii) is an
"affected individual" .
(3) To avoid doubt, an eligible data breach may
include the following-- (a) a data breach that occurs within a
public sector agency,
(b) a data breach that occurs between public sector
agencies,
(c) a data breach that occurs by an external person or entity
accessing data held by a public sector agency without authorisation.
AustLII: Copyright Policy
| Disclaimers
| Privacy Policy
| Feedback