You Are Here : Home / Council/ Access to Council information / Data Breach Register

Data Breach Register

Mandatory notification of data breach register

Part 6A of the Privacy and Personal Information Protection Act 1998 (NSW) (PPIP Act) establishes the Mandatory Notification of Data Breaches (MNDB) scheme.

From 28 November 2023 every public sector agency bound by the PPIP Act must notify the Privacy Commissioner and affected individuals of eligible data breaches involving personal or health information that is likely to result in serious harm.

Agencies are required to maintain a public register of any notifications made under section 59ZE(2). The information recorded in the register must be publicly available for at least 12 months after the date of publication and include the information specified under section 59O.

External Register of Public Data Breach Notifications - 2023 to Present(PDF, 16KB)

Was this page helpful? * (required)

Help us improve this site

Yes

Maybe

How can we improve this page?

Email address

Type the characters you see in the image below * (Required)

Generate new imageRead aloud

Please enter the text in the image