Practice Areas
Cybersecurity, Data Protection & Privacy
- Get free trial for practice areas as below
- Business
- Consumer
- Corporations
- Criminal
- Employment
- Family
- General Counsel
- Governance
- Immigration
- Intellectual Property
- Personal Injury NSW
- Personal Injury Qld
- Personal Injury Vic
- Personal Property Security
- Property
- Succession
- Work Health & Safety
- Tax
- Mergers & Acquisitions
- Banking & Finance
- Social Justice
- Cybersecurity, Data Protection & Privacy
- Insolvency
- Competition
LexisNexis Practical Guidance®
Straightforward guidance across a range of topics
- Mandatory data breach notification
- Notifying of an eligible data breach
Notifying the affected individuals
After providing a copy of the statement to the Privacy Commissioner, an entity is also required to notify individuals affected by the eligible data breach by one of the following options:
- • if practicable, by notifying each individual to whom the relevant information relates;
- • if practicable, by notifying each individual who is at risk from the eligible data breach; or
- • if neither of the above apply, by publishing a copy of the statement on the entity's website and taking reasonable steps to publicise the contents of the statement.
An entity can notify individuals by whichever communication method it normally uses with those particular individuals.
See Notifying the affected individuals.
