PRIVACY ACT 1988 - SECT 26WK Statement about eligible data breach

PRIVACY ACT 1988 - SECT 26WK

Statement about eligible data breach

Scope

(1) This section applies if an entity is aware that there are reasonable grounds to believe that there has been an eligible data breach of the entity.

Statement

(2) The entity must:

(a) both:

(i) prepare a statement that complies with subsection (3); and

(ii) give a copy of the statement to the Commissioner; and

(b) do so as soon as practicable after the entity becomes so aware.

(3) The statement referred to in subparagraph (2)(a)(i) must set out:

(a) the identity and contact details of the entity; and

(b) a description of the eligible data breach that the entity has reasonable grounds to believe has happened; and

(d) recommendations about the steps that individuals should take in response to the eligible data breach that the entity has reasonable grounds to believe has happened.

(4) If the entity has reasonable grounds to believe that the access, disclosure or loss that constituted the eligible data breach of the entity is an eligible data breach of one or more other entities, the statement referred to in subparagraph (2)(a)(i) may also set out the identity and contact details of those other entities.

Commonwealth Consolidated Acts

Search AustLII

All Databases

Cases & Legislation

Journals & Scholarship

Law Reform

Treaties

Libraries

Communities

LawCite

Australia

CTH

ACT

NSW

NT

QLD

SA

TAS

VIC

WA

New Zealand

Specific Year

Any

Any

PRIVACY ACT 1988 - SECT 26WK Statement about eligible data breach