Responding to a potential privacy breach

If there is an immediate risk to a person’s life, health or safety, call 000.

A privacy breach can happen when personal information is accessed, used or disclosed without authorisation or is lost, or otherwise dealt with in a way that would not comply with the Information Privacy Act 2009.

The impacts of unauthorised access to and disclosure of information both on agencies and on the people whose information is accessed or disclosed to third parties can be significant.

It is important the response to a potential information breach is timely, consistent, efficient and appropriate. The following resources are designed to guide and support an agency, employees and contractors.