Data Breach Policy and Procedure for Small Businesses


A privacy breach management and reporting framework suitable for Small businesses subject to the Privacy Act and Australian Privacy Principles

This product is currently out of stock



A template data breach policy and procedure to enable you to identify and assess privacy breaches and comply with your reporting obligations, covering:

  • Background and objectives
  • What is personal information
  • What is a privacy breach
  • What is an ‘eligible data breach’
  • The concept of ‘serious harm’
  • Data breach response plan
  • Training
  • Review


  • Customisable policy and procedure
  • Covers data breach reporting requirements effective 22 February 2018
  • Incorporates a data breach response plan
  • Compliments your existing privacy procedures and breach management framework
  • Helps you identify and understand your obligations
  • Packed full of practical tips, traps and examples
  • Supports your risk and compliance management programme


  • Customise to create your data breach policy and procedures

The Data Breach Policy and Procedure is intended to supplement an established privacy framework. If you don’t have an existing framework you can purchase our Privacy Compliance Kit instead. You do not need to purchase both.