Rules Mate

Guidelines

Notifiable Data Breaches (NDB) scheme

Eligible data breach assessment + 72-hour notification.

In plain English

This guidance explains the Notifiable Data Breaches scheme, covering data breach assessments and 72-hour notifications.

The Notifiable Data Breaches (NDB) scheme applies to organisations that handle personal information. It requires assessment of eligible data breaches. Organisations must notify the Office of the Australian Information Commissioner and affected individuals within 72 hours of becoming aware of a breach. This guidance was last revised by the OAIC.

Why it matters

If your business handles personal information, you must follow this guidance. Failing to do so could impact your reputation and legal obligations. Understand your responsibilities to protect data and respond to breaches appropriately.

privacyndbbreach-reportinggovernance

AI-assisted summary, grounded in the source link below. Generated 2026-05-23 via gemma3:12b.

Issuing regulator

OAIC

Topics


Source: https://www.oaic.gov.au/privacy/notifiable-data-breaches. Rules Mate indexes + summarises; always verify against the regulator's live publication.