The Privacy and Personal Information Protection Act 1998 (PPIPA) requires Council to prepare and implement a Privacy Management Plan. This Plan outlines how Port Macquarie Hastings Council complies with the legislative requirements of the PPIPA, the Health Records and Information Privacy Act 2002 (HRIPA), and the Privacy Code of Practice for Local Government (Code).
Part 6A of the Privacy and Personal Information Protection Act 1998 (PPIP Act) establishes the NSW Mandatory Notification of Data Breach (MNDB) Scheme. The MNDB Scheme requires Port Macquarie Hastings Council (Council), as a public sector agency bound by the PPIP Act, to notify the Privacy Commissioner and affected individuals of eligible data breaches.
Eligible data breaches will be published in the Public Notification Register.
Under the Mandatory Notification of Data Breach (MNDB) Scheme, Council is required to prepare and publish a Data Breach Policy(PDF, 419KB) for managing such breaches as well as maintaining an internal Eligible Data Breach Incident Register, and Public Notification Register, of eligible data breaches.
Section 59P(5) of the Privacy and Personal Information Protection Act 1998 (PPIP Act) requires that Council publish on its website information about how to access the information published by Council in its Public Notification Register.
Council is required to provide the information about how to access the notification for at least 12 months after the date the notification is published. Information provided about how to access the notification will be made available from this page.
As at 28 November 2023, there was no information that was required to be published by Council in satisfaction of section 59P(5).