Articles and Case Studies

Must I report this privacy breach?

12 Jun 2019

Karen Stephens

by Karen Stephens

cybersecurity, hacking

Under the Notifiable Data Breaches scheme, if a privacy breach occurs in your practice and it’s likely to result in serious harm, then you must notify the individuals involved as well as the Office of the Australian Information Commissioner (OAIC).

Here’s a handy flowchart to help you assess each situation and make an informed decision about reporting the privacy breach.*

reporting privacy breach

* This information is based on the Privacy Amendment (Notifiable Data Breaches) Act 2017  which came into effect on 22 February 2018.

More resources icon

Download a PDF of this flowchart for use in your practice.

Read more icon

Read our article – Information security: prevention is better than cure – which outlines practical steps you can take to protect the information you hold.

Karen Stephens
Risk Adviser, MDA National

Confidentiality and Privacy, Medical Records and Reports, Regulation and Legislation, Anaesthesia, Dermatology, Emergency Medicine, General Practice, Intensive Care Medicine, Obstetrics and Gynaecology, Ophthalmology, Pathology, Practice Manager Or Owner, Psychiatry, Radiology, Sports Medicine, Surgery, Physician, Geriatric Medicine, Cardiology, Plastic And Reconstructive Surgery, Radiation Oncology, Paediatrics, Independent Medical Assessor - IME


Telehealth Q&A

Learn from the telehealth questions hospital-based doctors asked MDA National earlier this year. From managing a procedure follow up, to what you need to consider when using a personal phone for a consultation.


27 Jun 2020