NDB (Notifiable Data Breach)

Privacy Act scheme requiring notification of eligible data breaches.

Part IIIC of the Privacy Act requires APP entities to assess (within 30 days) and notify (as soon as practicable) the OAIC + affected individuals of eligible data breaches — unauthorised access, disclosure or loss of personal information likely to cause serious harm.