Notifiable Data Breaches | The Office of Impact Analysis

11 January 2017

Regulation Impact Statement – Attorney-General’s Department

On 19 October 2016, the Privacy Amendment (Notifiable Data Breaches) Bill 2016 was introduced in Parliament. The Bill will require individuals to be notified when their private information has been breached. Organisations regulated under the Privacy Act, with turnover above $3 million, will be required to notify individuals of data breaches.

The Attorney‑General’s Department finalised a Regulation Impact Statement, which was assessed as compliant and consistent with best practice by the Office of Best Practice Regulation. As part of developing the Regulation Impact Statement, the Attorney‑General’s Department released an earlier version for consultation on 3 December 2015.

The Regulation Impact Statement estimates the average annual regulatory cost at $6.3 million per year. The OBPR has agreed to the regulatory saving.

Attachment	File type	Size
FINAL RIS - Privacy Amendment (Notifiable Data Breaches) Bill 2016	docx	184.9 KB
FINAL RIS - Privacy Amendment (Notifiable Data Breaches) Bill 2016	pdf	707.22 KB
Deputy Secretary Certification Letter	docx	356.17 KB
Deputy Secretary Certification Letter	pdf	80.18 KB
OBPR Assessment Advice	docx	148.37 KB
OBPR Assessment Advice	pdf	70.42 KB

Attachment

File type

Size

FINAL RIS - Privacy Amendment (Notifiable Data Breaches) Bill 2016

docx

184.9 KB

FINAL RIS - Privacy Amendment (Notifiable Data Breaches) Bill 2016

pdf

707.22 KB

Deputy Secretary Certification Letter

docx

356.17 KB