Responding to a potential privacy breach
If there is an immediate risk to a person’s life, health or safety, call 000.
A privacy breach can happen when personal information is accessed, used or disclosed without authorisation or is lost, or otherwise dealt with in a way that would not comply with the Information Privacy Act 2009.
The impacts of unauthorised access to and disclosure of information both on agencies and on the people whose information is accessed or disclosed to third parties can be significant.
It is important the response to a potential information breach is timely, consistent, efficient and appropriate. The following resources are designed to guide and support an agency, employees and contractors.
What to do?
- Initial response – Privacy Breach Self-Assessment tool (DOCX, 49.21 KB)
- Manage the breach – Guideline: Privacy breach management and notification
- Notify OIC, if necessary (DOCX, 29.99 KB)
We are interested in receiving feedback on our privacy breach resources. Share your feedback with us here.