Overview
View all Consequences of failing to comply with the data breach notification regime guidance
Guidance
Identifying whether the data breach notification regime applies to you
APP entities, credit reporting bodies, credit providers and file number recipients | Where information is disclosed to overseas recipient | Exception under the My Health Records Act 2012 (Cth)
Identifying whether the data breach is notifiable
When is a data breach notifiable? | Eligible data breach | When an eligible data breach is suspected but not confirmed
Taking remedial action to prevent an eligible data breach
Remedial action to prevent an eligible data breach | Remedial action taken only for particular individuals
The types of data breaches being reported
The types of data breaches being reported
Checklists
Data Breach Assessment Guideline
P. Fair and S. Lee, Baker McKenzie
Checklist for Complying with both the Privacy Act and the GDPR
S. Sharma, S. Field and B. Tomlinson, Maddocks
Privacy - Checklist for Privacy policy
S. Sharma, Special Counsel, Maddocks
Cybersecurity strategy - Checklist for Overall cybersecurity strategy
P. Fair and S. Lee, Baker McKenzie
Workflow Checklist: Exceptions to notification obligations
D. Kneller, Madgwicks Lawyers
EU General Data Protection Regulation (GDPR) - Compliance checklist
S. Sharma, S. Field and B. Tomlinson, Maddocks
Data security - Checklist for De-identification of personal information
A. Mitchell, Unisys
Privacy - Internal privacy guidelines for staff
S. Sharma, Special Counsel, Maddocks
Checklist for Ensuring data protection compliance
P. Fair and S. Lee, Baker McKenzie
Cybersecurity strategy - Checklist for remote working
LexisNexis Legal Writer Team
Data security - Checklist for Data security audit plan
A. Mitchell, Unisys
Checklist for Transfers of personal data outside the European Economic Area
S. Sharma, S. Field and B. Tomlinson, Maddocks
Workflow Checklist: Assessing a suspected data breach
D. Kneller, Madgwicks Lawyers
Checklist for Data breach response guideline
P. Fair and S. Lee, Baker McKenzie
Privacy - Checklist for direct marketing
S. Sharma and E. Lau, Maddocks
Workflow Checklist: Identifying when a data breach is notifiable
D. Kneller, Madgwicks Lawyers
EU general data protection regulation (GDPR) - Checklist for controller versus processor
S. Sharma, Special Counsel and B. Tomlinson, Partner, Maddocks
Workflow Checklist: Content of notification
D. Kneller, Madgwicks Lawyers
Checklist for computer and device use
P. Fair and S. Lee, Baker McKenzie
Checklist for Staff training on data protection compliance
P. Fair and S. Lee, Baker McKenzie
Threshold compliance checklist - GDPR and the Privacy Act
S. Sharma, S. Field and B. Tomlinson, Maddocks
Privacy by design - practical checklist
S. Sharma, Maddocks
Data security - Checklist for Disaster recovery planning
A. Mitchell, Unisys

Legislation

- Identifying whether the data breach notification regime applies to you
- Identifying whether the data breach is notifiable
- Identifying when notification is required
- Notifying other persons
- Receiving a direction to notify from the Privacy Commissioner
- Enforcement and penalties under the Privacy Act 1988 (Cth)
- Obligations under corporations’ law