Status and Details

Status and Details

Privacy Management Rule - Annexure 1 - Data Breach Policy

Show Field Notes
Status Current Indicates if this version of the document is in effect (Current), yet to come into effect (Future), or expired (Historic).
Effective Date 12th August 2021 This is the date on which this version of the document came into effect.
Review Date 12th August 2023 The next review of this document is scheduled to commence on this date.
Approval Authority Director Governance and University Secretary The noted authority approved this is version of the document.
Approval Date 12th August 2021 This is the date on which this version of the document was approved by the authorised authority.
Expiry Date To Be Advised This is the date on which this version expires. It may still apply, conditionally, after this date.
Unit Head Kate McNarn
Director Governance and University Secretary
This is the officer generally responsible for day to day administrative matters.
Enquiries Contact Kate McNarn
Director Governance and University Secretary

Records, Policy and Governance Unit
General enquiries should be directed to the officer/area listed.

Summary of Changes from Previous Version

24/10/2022 – Council Noted Administrative Change: Replace Guideline (or plurals) with Policy (or plurals) in title and within document. Changes approved by Council on 27th May 2022.


Amended clauses: 1, 2, 3, 4, 19, 20 (Policy and Rule?), 22, 23, 24, 25, 26, 27, Section 4 title, 30.


These Guidelines support the UNE Governance Framework’s Information Governance functions and assist UNE in preparing for and responding to personal information data breaches in line with our obligations under The Privacy and Personal Information Protection Act 1998 (PPIP Act) and Part IIIC of the Privacy Act 1998. The objective of this Guideline is to describe UNE’s approach to reducing the risks associated with data breaches. The approach includes the immediate containment and mitigation of harm, evidentiary and reporting requirements, and future strategies to improve the management of personal information reducing the likelihood of breach reoccurrence. Within these guidelines: Part A defines data breaches and UNE’s responsibilities; Part B deals with a suspected data breach; and Part C deals with identifying and responding to a data breach.



Clauses Amended:Guideline: All