Mandatory Notification of Data Breach Scheme
| Webinar: 12 Months on from the MNDB Scheme and its application under the PPIP Act |
|---|
The IPC is hosting a webinar for State-Owned Corporations (SOCs) on the Mandatory Notification of Data Breach (MNDB) Scheme and its regulation under the Privacy and Personal Information Protection Act 1998 (PPIP Act) on 22 January 2025.
This online session will cover the findings from the MNDB Trends Report and the Desktop Review of Data Breach Policy Compliance Report and discuss how SOCs are progressing with meeting their compliance and obligations. The Acting Privacy Commissioner will discuss insights and lessons learned across government agencies with respect to data breaches.
The session will also focus on the suite of resources, tools and communications available to support SOCs management of the Scheme, report breaches, and notify those affected.
Audience: NSW State-Owned Corporations:
- Essential Energy
- Forestry Corporation of NSW
- Hunter Water
- Landcom
- Port Authority of NSW
- Sydney Water
- Transport Asset Holding Entity of NSW (TAHE)
- Water NSW
Date: 2.00-3.00pm, 22 January 2025
Format: Online
Registrations: Register to attend.
Once registered, you will confirmation email and further details and links to view the event will be sent closer to the day.
Please note: This webinar has been designed for NSW State-Owned Corporations. You will need a valid State-Owned Corporation email to register.
| About the Mandatory Notification of Data Breach Scheme |
|---|
The Mandatory Notification of Data Breach (MNDB) Scheme (MNDB Scheme) impacts the responsibilities of agencies under the Privacy and Personal Information Protection Act 1998 (PPIP Act). It requires agencies to notify the Privacy Commissioner and provide notifications to affected individuals in the event of an eligible data breach of their personal or health information by a NSW public sector agency or state-owned corporation subject to the PPIP Act.
More Information about the MNDB Scheme can be found in Part 6A of the Privacy and Personal Information Protection Act 1998.
The MNDB Scheme requires agencies to satisfy other data management requirements, including to maintain an internal data breach incident register, and have a publicly accessible data breach policy.
You can refer to the IPC’s new and updated resources in relation to the MNDB Scheme for further information.
Reporting information about the MNDB Scheme is available via the Reporting on the Scheme page. Annual summary data will also be included in the IPC Annual Report. Annual summary data will also be included in the IPC Annual Report.
