IPC Data Breach Policy and Public Notification Register
| IPC Data Breach Policy |
|---|
This policy outlines the Information and Privacy Commission’s (IPC) approach to complying with the Mandatory Notification of Data Breach (MNDB) Scheme, the roles and responsibilities for reporting data breaches and strategies for containing, assessing and managing eligible data breaches.
Further information and resources on the MNDB Scheme are available via the IPC's dedicated webpages.
| IPC Public Notification Register |
|---|
This page provides details of the public notification of an eligible data breach under the Privacy and Personal Information Protection Act 1998 (NSW) (PPIP Act) for the IPC.
A public notification is provided when it is not reasonably practicable to notify any or all of the individuals affected by the breach directly.
A list of all public notifications made by the IPC and the IPC Register of Public Notifications is found below. The IPC will retain notifications in the register for a period of 12-months.
Under the PPIP Act, the IPC is also required to publish the public notifications of other agencies on its website. The Public Notifications Register for other agencies is available via the Mandatory Notification of Data Breach Scheme section of the website.
Register of IPC Public Notifications
| IPC Data Breach Identifier | Date of data breach | Date IPC became aware of data breach | Description of data breach | Type of data breach |
| N/A - There have been no notifications made in the previous 12-months. | ||||
