Data Breach Policy and Public Notification Register


Part 6A of the Privacy and Personal Information Protection Act 1998 (NSW) (PPIP Act) established the NSW Mandatory Notification of Data Breach (MNDB) Scheme. The MNDB Scheme requires every NSW public sector agency bound by the PPIP Act to notify the Privacy Commissioner and affected individuals of eligible data breaches. Under the scheme, public sector agencies are required to prepare and publish a Data Breach Policy (DBP) for managing such breaches.

Data Breach Policy

This policy outlines Council’s approach to complying with the MNDB Scheme, the roles and responsibilities for reporting data breaches and strategies for containing, assessing, and managing eligible data breaches.

Public Notification Register

This page provides details of the public notification of an eligible data breach under the Privacy and Personal Information Protection Act 1998 (NSW) (PPIP Act). A public notification is provided when it is not reasonably practicable to notify any or all of the individuals affected by the breach directly.

A list of all public notifications made by Council and Council’s Register of Public Notifications is found below. Council will retain notifications in the register for a period of 12-months.

Links to Public Notifications

There are no public notifications at this time.

Register of Public Notifications

There have been no notifications made in the previous 12-months.

Other Associates Links

More information

Contact Council for more information about the Data Breach Policy and Public Notification Register: