Go Back

Draft Data Breach Policy

Share Draft Data Breach Policy on Facebook Share Draft Data Breach Policy on Twitter Share Draft Data Breach Policy on Linkedin Email Draft Data Breach Policy link

Consultation has concluded

Thank you for having your say on Council's draft Data Breach Policy document – submissions are now closed.

Community feedback was invited from 27 September to 25 October 2023.

Despite 73 page visits during the consultation period, no submissions were provided and therefore no changes were made to the draft Data Breach Policy as a result of this consultation.

Council's Data Breach Policy was adopted without change at Council's meeting on 16 November 2023.

Project summary

This draft Data Breach Policy (Policy) informs the public of Council’s procedure for identifying, responding to and reporting data breaches of Council held information.

This Policy will assist Council to meet its legal obligations in respect of mandatory reporting of data breaches under the Privacy and Personal Information Protection Act 1998 (PPIP Act) and Privacy Act 1988 and complies with best practice guidelines.

Policy objective

The objective of this Policy is to set out Council’s approach to identifying and managing a data breach, including:

• providing examples of situations considered to constitute a data breach;

• the five key steps involved in responding to a data breach;

• the considerations around notifying persons whose privacy may be affected by a data breach on a mandatory basis where required, or on a voluntary basis where warranted, to ensure that the Council responds appropriately to a data breach; and

• assists the Council in avoiding or reducing possible harm to both the affected individuals and the Council.

Have your say

If you would like to provide feedback on this Policy you can do so in one of the following ways:

Email: Send an email to tsc@tweed.nsw.gov.au Subject heading: Data Breach Policy

Mail: Send a letter addressed as follows: Data Breach Policy, General Manager, Tweed Shire Council, PO Box 816, Murwillumbah NSW 2484

General enquiries: Viv Wright, Corporate Governance. Ph: 02 6670 2400

Thank you for having your say on Council's draft Data Breach Policy document – submissions are now closed.

Community feedback was invited from 27 September to 25 October 2023.

Despite 73 page visits during the consultation period, no submissions were provided and therefore no changes were made to the draft Data Breach Policy as a result of this consultation.

Council's Data Breach Policy was adopted without change at Council's meeting on 16 November 2023.

Project summary

This draft Data Breach Policy (Policy) informs the public of Council’s procedure for identifying, responding to and reporting data breaches of Council held information.

This Policy will assist Council to meet its legal obligations in respect of mandatory reporting of data breaches under the Privacy and Personal Information Protection Act 1998 (PPIP Act) and Privacy Act 1988 and complies with best practice guidelines.

Policy objective

The objective of this Policy is to set out Council’s approach to identifying and managing a data breach, including:

• providing examples of situations considered to constitute a data breach;

• the five key steps involved in responding to a data breach;

• the considerations around notifying persons whose privacy may be affected by a data breach on a mandatory basis where required, or on a voluntary basis where warranted, to ensure that the Council responds appropriately to a data breach; and

• assists the Council in avoiding or reducing possible harm to both the affected individuals and the Council.

Have your say

If you would like to provide feedback on this Policy you can do so in one of the following ways:

Email: Send an email to tsc@tweed.nsw.gov.au Subject heading: Data Breach Policy

Mail: Send a letter addressed as follows: Data Breach Policy, General Manager, Tweed Shire Council, PO Box 816, Murwillumbah NSW 2484

General enquiries: Viv Wright, Corporate Governance. Ph: 02 6670 2400