Emergency and Critical Incident Management

This Policy Is Under Review

Data Breaches

Under the Privacy Act, there are mandatory notification obligations for data breaches that are likely to result in serious harm (eligible data breaches). The Privacy Officer must be notified as soon as a potential data breach is discovered. A data breach occurs where personal information about individuals is accessed by or disclosed to third parties who should not be in receipt of that information, or where information is lost in circumstances where that is likely to occur. This procedure and Maribyrnong School’s external Privacy Policy set out the circumstances in which personal information may be provided to third parties. If the transfer of information is not in accordance with these policies, Maribyrnong School must act immediately to determine whether the data breach is an eligible breach requiring action (including seeking legal advice where necessary).

The school must take the following steps:

  1. Notify each of the individuals to whom the relevant information related, or at least those who are at risk
  2. Prepare a statement for the Commissioner and the public about the eligible data breach
  3. Comply with any directions given by the Office of the Australian Information Commissioner.

Where there has been any reasonable suspicion or belief of a data breach, Emanuel School will review its privacy policy and information storing systems.


If you think we may have breached your privacy you may contact us to make a complaint using the contact details below. In order to ensure that we fully understand the nature of your complaint and the outcome you are seeking, we prefer that you make your complaint in writing. Please see our contact details below at ‘Contact us’.

For further information about our complaint handling processes please see our Privacy Complaint Handling Policy.