Data Breach Scheme Policy

Mandatory Data Breach Scheme Policy

The NSW Mandatory Notification Data Breach (MNDB) Scheme comes into effect on Tuesday 28 November 2023, which Council is obligated to adhere to, in accordance with the Privacy and Personal Information Protection Act 1998 (NSW) (PPIP Act).

The MNDB scheme applies to breaches, identified as ‘eligible data breaches’ of:

  • ‘Personal information, as defined by the PPIP Act, meaning information or an opinion about an individual whose identity is apparent or can reasonably be ascertained from the information or opinion; and
  •  ‘Health information’ as defined by the Health Records and Information Privacy Act 2002 (NSW) (HRIP Act), meaning information about an individual’s physical or mental health, disability, and personal information connected to the provision of a health service.

Council is committed to keeping your data safe and protected, and in response to commencement of the MNDB scheme, this new policy has been developed that explains:
1. What our response to a data breach will be
2. How we will notify those affected by an eligible data breach
3. What actions we will take to prevent eligible data breaches in the future

 

Read the Mandatory Notification Data Breach Policy here

Read frequently asked questions about the MNDB scheme here

 

To report a data breach click here (PDF 259.5KB)

Alternatively you can report a data breach online, here

Record of breaches below:

Tamworth Regional Council Breach Identifier Date of data breach Date Council became aware of date breach Description of data breach Type of data breach
         

There are currently no data breaches to report