Our website uses cookies so we can analyse our site usage and give you the best experience. Click "Accept" if you’re happy with this, or click "More" for information about cookies on our site, how to opt out, and how to disable cookies altogether.
We respect your Do Not Track preference.
Case notes are a great way to learn about privacy by understanding how others have responded to a breach. We anonymise them and explain what happened and what outcomes there were.
Organisations must not keep personal information for longer than they need it. If your organisation is finished with personal information, you must dispose of it securely to avoid a privacy breach.
Physical security is an important part of protecting personal information, whether it’s in a paper file or a on device such as a laptop or smartphone. Sometimes it’s necessary to take personal information out of the workplace, but it does increase the risk of it being lost or stolen.
This is the type of breach that agencies most commonly report to us. Always double-check that the address is correct before you send information and have other systems in place that will help prevent or mitigate a breach.
Under the Privacy Act, organisations cannot disclose personal information unless a specific exception applies. Disclosing information when an exception doesn’t apply can lead to a privacy breach, even if it was unintentional.
Organisations have an obligation to store personal information securely. System errors, scams and employee browsing can all lead to a security failure.