Share Draft Data Breach Policy on FacebookShare Draft Data Breach Policy on TwitterShare Draft Data Breach Policy on LinkedinEmail Draft Data Breach Policy link
Project summary
This draft Data Breach Policy (Policy) informs the public of Council’s procedure for identifying, responding to and reporting data breaches of Council held information.
This Policy will assist Council to meet its legal obligations in respect of mandatory reporting of data breaches under the Privacy and Personal Information Protection Act 1998 (PPIP Act) and Privacy Act1988 and complies with best practice guidelines.
Policy objective
The objective of this Policy is to set out Council’s approach to identifying and managing a data breach, including:
• providing examples of situations considered to constitute a data breach;
• the five key steps involved in responding to a data breach;
• the considerations around notifying persons whose privacy may be affected by a data breach on a mandatory basis where required, or on a voluntary basis where warranted, to ensure that the Council responds appropriately to a data breach; and
• assists the Council in avoiding or reducing possible harm to both the affected individuals and the Council.
Have your say
If you would like to provide feedback on this Policy you can do so in one of the following ways:
Mail: Send a letter addressed as follows: Data Breach Policy, General Manager, Tweed Shire Council, PO Box 816, Murwillumbah NSW 2484
General enquiries: Viv Wright, Corporate Governance. Ph: 02 6670 2400
Project summary
This draft Data Breach Policy (Policy) informs the public of Council’s procedure for identifying, responding to and reporting data breaches of Council held information.
This Policy will assist Council to meet its legal obligations in respect of mandatory reporting of data breaches under the Privacy and Personal Information Protection Act 1998 (PPIP Act) and Privacy Act1988 and complies with best practice guidelines.
Policy objective
The objective of this Policy is to set out Council’s approach to identifying and managing a data breach, including:
• providing examples of situations considered to constitute a data breach;
• the five key steps involved in responding to a data breach;
• the considerations around notifying persons whose privacy may be affected by a data breach on a mandatory basis where required, or on a voluntary basis where warranted, to ensure that the Council responds appropriately to a data breach; and
• assists the Council in avoiding or reducing possible harm to both the affected individuals and the Council.
Have your say
If you would like to provide feedback on this Policy you can do so in one of the following ways:
Draft Data Breach Policy is currently at this stage
Contributions to this consultation are closed for evaluation and review. The project team will report back on key outcomes.
Final report
this is an upcoming stage for Draft Data Breach Policy
The final outcomes of the consultation are documented here. This may include a summary of all contributions collected as well as recommendations for future action.