Draft Data Breach Notification Policy Review

Consultation period: 12 January 2026 – 9 February 2026

Council has reviewed and revised the Draft Data Breach Notification Policy.

The Data Breach Notification Policy outlines Council’s principles and commitment in responding to a data breach. Council holds and is trusted with confidential and sensitive data. We take this responsibility seriously to protect our people, customers and community.

A key revision to the policy includes the addition of a schedule that serves as a Data Breach Response Plan. The purpose of this plan is to provide guidance for implementing Council’s Data Breach Policy in in the event of an eligible data breach.

Council is required to the report eligible data breaches under the Privacy and Personal Information Protection Act 1998 (NSW).

The policy and schedule applies to all Council employees, Councillors, contractors and volunteers of Sutherland Shire Council who provide or handle Council data.


Have your say

We are seeking feedback from our community on the Draft Data Breach Notification Policy. You can share your feedback until 9 February 2026:

  • Online by taking the survey below
  • Email to ssc@ssc.nse.gov.au with the subject line 'Feedback RE Draft Data Breach Notification Policy Review'
  • In writing to Sutherland Shire Council, Privacy and Information Access, Locked Bag 17, Sutherland 1499.


Next steps

Following community consultation, Council will review and consider all feedback. Some changes may be made to the policy. It will then be finalised and reported to Council for adoption. We will keep interested members of the community updated.

Consultation period: 12 January 2026 – 9 February 2026

Council has reviewed and revised the Draft Data Breach Notification Policy.

The Data Breach Notification Policy outlines Council’s principles and commitment in responding to a data breach. Council holds and is trusted with confidential and sensitive data. We take this responsibility seriously to protect our people, customers and community.

A key revision to the policy includes the addition of a schedule that serves as a Data Breach Response Plan. The purpose of this plan is to provide guidance for implementing Council’s Data Breach Policy in in the event of an eligible data breach.

Council is required to the report eligible data breaches under the Privacy and Personal Information Protection Act 1998 (NSW).

The policy and schedule applies to all Council employees, Councillors, contractors and volunteers of Sutherland Shire Council who provide or handle Council data.


Have your say

We are seeking feedback from our community on the Draft Data Breach Notification Policy. You can share your feedback until 9 February 2026:

  • Online by taking the survey below
  • Email to ssc@ssc.nse.gov.au with the subject line 'Feedback RE Draft Data Breach Notification Policy Review'
  • In writing to Sutherland Shire Council, Privacy and Information Access, Locked Bag 17, Sutherland 1499.


Next steps

Following community consultation, Council will review and consider all feedback. Some changes may be made to the policy. It will then be finalised and reported to Council for adoption. We will keep interested members of the community updated.

Page published: 12 Jan 2026, 08:39 AM