Practice Areas
Cybersecurity, Data Protection & Privacy
- Get free trial for practice areas as below
- Business
- Consumer
- Corporations
- Criminal
- Employment
- Family
- General Counsel
- Governance
- Immigration
- Intellectual Property
- Personal Injury NSW
- Personal Injury Qld
- Personal Injury Vic
- Personal Property Security
- Property
- Succession
- Work Health & Safety
- Tax
- Mergers & Acquisitions
- Banking & Finance
- Social Justice
- Cybersecurity, Data Protection & Privacy
- Insolvency
- Competition
LexisNexis Practical Guidance®
Straightforward guidance across a range of topics
- Mandatory data breach notification
- The data breach notification regime
Identifying whether the data breach is notifiable
A data breach will become notifiable if it is an “eligible data breach”.
An eligible data breach will occur where:
- • there is unauthorised access to or disclosure of information; or
- • information is lost where unauthorised access to or disclosure of the information is likely to occur; and
- • a reasonable person would be likely to conclude that such circumstances would likely result in serious harm to individuals to whom the information relates to.
If an eligible data breach is suspected to have occurred but not confirmed, entities must carry out a reasonable and expeditious assessment to determine whether there are reasonable grounds to establish an eligible data breach.
See Identifying whether the data breach is notifiable.
