New South Wales Consolidated Acts

PRIVACY AND PERSONAL INFORMATION PROTECTION ACT 1998 - SECT 59ZI

59ZI Privacy Commissioner may make guidelines

(1) The Privacy Commissioner may make guidelines for the purpose of exercising the Privacy Commissioner's functions under this Part.

(2) Without limiting subsection (1), the Privacy Commissioner may make guidelines about the following--

(a) whether access, disclosure or loss that occurs as a result of a data breach would be likely, or would not be likely, to result in serious harm to an individual,

(b) deciding whether to exempt a public sector agency for the following--

(i) reasons relating to serious risk of harm to health or safety,

(ii) cyber security reasons.

(3) The Privacy Commissioner must consult with the Minister responsible for this Act before publishing guidelines.

(4) Guidelines must be published on the Information and Privacy Commission's website.