Privacy Breaches: Notify or Not Notify

29 Mar 2017

John Vijayaraj 110x137

by Mr John Vijayaraj

Folder being stamped CONFIDENTIAL

A hospital was recently criticised for failing to notify patients of privacy breaches. In 2015, a patient’s emergency assessment paperwork was discovered on the ground near Gosford Hospital. In the same year, a list of patients including their reasons for attending hospital was discovered on a walkway near the hospital.

On both the above occasions, patients were not notified of the privacy breach because the information was not deemed to put them at “serious risk of harm”.

New Mandatory Data Breach Obligations in February 2018

This criticism comes at a time when the Privacy Amendment (Notifiable Data Breaches) Act 2017  received Royal Assent on 22 February 2017 and will come into effect on 22 February 2018. Under the new scheme, an entity covered by the Privacy Act must take steps to notify the Information Commissioner and affected individuals if the entity:

  • has reasonable grounds to believe that an eligible data breach has happened; or
  • is directed to do so by the Commissioner.

An “eligible data breach" happens if:

  1. there is unauthorised access to, unauthorised disclosure of, or loss of, personal information held by an entity; and
  2. the access, disclosure or loss is likely to result in serious harm to any of the individuals to whom the information relates.

In preparation for the introduction of mandatory data breach notification, we recommend that all medical practices ensure they have a data breach response plan in place, including a nominated response team.

This blog contains general information only. We recommend you contact your medical defence organisation or insurer when you require specific advice in relation to medico-legal matters.



My Career Journey with Dr Nick Coatsworth

Dr Nick Coatsworth is an expert in health policy, public administration and a practising infectious diseases physician. He held a national role in the Australian response to COVID-19 as Deputy Chief Medical Officer of Australia, becoming one of the most recognised medical spokespeople during the pandemic. Nick engaged the Australian community through a variety of media platforms most notably as the spearhead of the national COVID-19 vaccination campaign. Dr Micheal Gannon, Obstetrician & Gynaecologist, sits down with Dr Nick Coatsworth to discuss Nick's medical career journey, and what insights and advice he has for junior doctors. MDA National would like to acknowledge the contributions of MDA National staff, Members, friends and colleagues in the production of the podcast and note that this work is copyright. Apart from any use permitted under applicable copyright law, you may not reproduce the content of this podcast without the permission of MDA National. This podcast contains generic information only, is intended to stimulate thought and discussion, and doesn’t account for requirements of any particular individual. The content may contain opinions which are not necessarily those of MDA National. We recommend that you always contact your indemnity provider when you require specific advice in relation to your insurance policy or medico-legal matters. MDA National Members need to contact us for specific medico-legal advice on freecall 1800 011 255 or email We may also refer you to other professional services.


09 Jun 2022

Career complications and contending with uncertainty

Among the many challenges of the COVID-19 pandemic for junior doctors is how to respond to medical training impacts and career uncertainty. In this podcast, Dr Caroline Elton (a psychologist who specialises in helping doctors)and Dr Benjamin Veness (a Psychiatry registrar) share advice for coping with medical training and career delays, disruptions and unknowns.


10 Aug 2020