This page lists details of any data breaches that meet certain criteria under Section 59P of the Privacy and Personal Information Protection Act 1998. If it's not reasonably practicable to notify any or all of affected individuals directly, a public notice about the breach will be posted here.
The Mandatory Notification of Data Breach Scheme (MNDB Scheme) requires NSW public sector agencies, to notify affected individuals and the NSW Privacy Commissioner when there has been an eligible data breach of personal or health information.
For more information about the MNDB Scheme please read section Part 6A of the Privacy and Personal Information Act 1998 or the NSW Information and Privacy Commission website.
We will make every effort to notify you personally if your personal or health information is breached. If it's not reasonably practicable to notify any or all of affected individually directly, you will be able to find details about the data breach on this page.
We will record the following details unless they contain personal information or they would prejudice Council's functions:
Any information added to this register will stay published for 12 months.
Any data breach published on this register has already been reported to the NSW Privacy Commissioner.
If you believe you have been affected by a data breach you can lodge an application with us for a privacy internal review. This is an internal investigation to assess if we have complied with our privacy obligations. During the investigation we will advise and consult with the NSW Privacy Commissioner. For more information, please refer to our Privacy Statement and submission form.
To make a privacy complaint to the NSW Privacy Commissioner please visit Privacy (nsw.gov.au)