Mandatory notification of data breach register

Part 6A of the Privacy and Personal Information Protection Act 1998 (NSW) (PPIP Act) establishes the Mandatory Notification of Data Breaches (MNDB) scheme. From 28 November 2023 every public sector agency bound by the PPIP Act must notify the Privacy Commissioner and affected individuals of eligible data breaches involving personal or health information that is likely to result in serious harm.

Agencies are required to maintain a public register of any notifications made under section 59ZE(2). The information recorded in the register must be publicly available for at least 12 months after the date of publication and include the information specified under section 59O.

Register of data breaches

Inner West Council has had no reportable data breaches within the past 12 months.

Making a privacy-related complaint

If an affected party wishes to request an internal review, under the Privacy and Personal Information Protection Act 1998, you can do so by writing to:

The General Manager
Inner West Council
PO Box 14
Petersham NSW 2049

or by lodging a complaint with the Information and Privacy Commission of NSW:

General privacy enquiries

If you have an enquiry about Council's privacy management, please contact Council's Privacy Officer by email at privacy@innerwest.nsw.gov.au, or by mail at PO Box 14, Petersham NSW 2049.

Rate this page

  • Rate as The content was useful0% The content was useful votes
  • Rate as The content was not useful0% The content was not useful votes

Page last updated: 15 Jul 2025