PRIVACY ACT 1988
PART IIIC - NOTIFICATION OF ELIGIBLE DATA BREACHES
This Part sets up a scheme for notification of eligible data breaches.
An eligible data breach happens if:
(a) there is unauthorised access to, unauthorised disclosure of, or loss of, personal information held by an entity; and
(b) the access, disclosure or loss is likely to result in serious harm to any of the individuals to whom the information relates.
An entity must give a notification if:
(a) it has reasonable grounds to believe that an eligible data breach has happened; or
(b) it is directed to do so by the Commissioner.
Division 1 - Introduction
SECTION 26WA SIMPLIFIED OUTLINE OF THIS PART