sec.54Particular agencies may collect, use and disclose relevant personal information for notification

### sec.54 Particular agencies may collect, use and disclose relevant personal information for notification A regulation may prescribe— an agency (a disclosing agency ) that may, under this section, disclose relevant personal information to another agency; and an agency (a receiving agency ) that may, under this section, collect and use relevant personal information from a disclosing agency and disclose relevant personal information to the disclosing agency. A disclosing agency may disclose relevant personal information held by the agency to a receiving agency if the receiving agency is the subject of an eligible data breach. The receiving agency may collect and use relevant personal information from a disclosing agency, and disclose relevant personal information to the disclosing agency, if it is reasonably necessary for the purpose of confirming— the name and contact details of a notifiable individual; or whether a notifiable individual is deceased. A disclosing agency or receiving agency is not required to comply with a QPP in relation to the disclosure, collection or use of relevant personal information under this section. For subsection (2) , an eligible data breach includes— a data breach that an agency reasonably believes is an eligible data breach; and a suspected data breach of an agency mentioned in section 61 (1) , whether or not the information commissioner has made a recommendation under section 61 (4) . If a disclosing agency may, under an Act, enter into an arrangement and charge a fee for the provision of personal information kept by the agency under that Act, the agency may do so under that Act in relation to personal information that may be disclosed under this section. In this section— identifier , for an individual, means an identifier other than solely the individual’s name, including, for example, a number, that is— assigned to the individual in relation to the individual’s personal information by an entity for the purpose of uniquely identifying that individual, whether or not it is subsequently used other than in relation to the personal information; or adopted, used or disclosed in relation to the individual’s personal information by an entity for the purpose of uniquely identifying the individual. notifiable individual means— an individual mentioned in section 53 (1) (a) or (b) ; or an individual the information commissioner recommends should be notified under section 61 (4) . relevant personal information means the following information about an individual— the name of the individual; the contact details of the individual; the date of birth of the individual; an identifier for the individual; if the individual is deceased—the date of the individual’s death. s 54 sub 2023 No. 32 s 33 (sec.54-ssec.1) A regulation may prescribe— an agency (a disclosing agency ) that may, under this section, disclose relevant personal information to another agency; and an agency (a receiving agency ) that may, under this section, collect and use relevant personal information from a disclosing agency and disclose relevant personal information to the disclosing agency. (sec.54-ssec.2) A disclosing agency may disclose relevant personal information held by the agency to a receiving agency if the receiving agency is the subject of an eligible data breach. (sec.54-ssec.3) The receiving agency may collect and use relevant personal information from a disclosing agency, and disclose relevant personal information to the disclosing agency, if it is reasonably necessary for the purpose of confirming— the name and contact details of a notifiable individual; or whether a notifiable individual is deceased. (sec.54-ssec.4) A disclosing agency or receiving agency is not required to comply with a QPP in relation to the disclosure, collection or use of relevant personal information under this section. (sec.54-ssec.5) For subsection (2) , an eligible data breach includes— a data breach that an agency reasonably believes is an eligible data breach; and a suspected data breach of an agency mentioned in section 61 (1) , whether or not the information commissioner has made a recommendation under section 61 (4) . (sec.54-ssec.6) If a disclosing agency may, under an Act, enter into an arrangement and charge a fee for the provision of personal information kept by the agency under that Act, the agency may do so under that Act in relation to personal information that may be disclosed under this section. (sec.54-ssec.7) In this section— identifier , for an individual, means an identifier other than solely the individual’s name, including, for example, a number, that is— assigned to the individual in relation to the individual’s personal information by an entity for the purpose of uniquely identifying that individual, whether or not it is subsequently used other than in relation to the personal information; or adopted, used or disclosed in relation to the individual’s personal information by an entity for the purpose of uniquely identifying the individual. notifiable individual means— an individual mentioned in section 53 (1) (a) or (b) ; or an individual the information commissioner recommends should be notified under section 61 (4) . relevant personal information means the following information about an individual— the name of the individual; the contact details of the individual; the date of birth of the individual; an identifier for the individual; if the individual is deceased—the date of the individual’s death. - (a) an agency (a disclosing agency ) that may, under this section, disclose relevant personal information to another agency; and - (b) an agency (a receiving agency ) that may, under this section, collect and use relevant personal information from a disclosing agency and disclose relevant personal information to the disclosing agency. - (a) the name and contact details of a notifiable individual; or - (b) whether a notifiable individual is deceased. - (a) a data breach that an agency reasonably believes is an eligible data breach; and - (b) a suspected data breach of an agency mentioned in section 61 (1) , whether or not the information commissioner has made a recommendation under section 61 (4) . - (a) assigned to the individual in relation to the individual’s personal information by an entity for the purpose of uniquely identifying that individual, whether or not it is subsequently used other than in relation to the personal information; or - (b) adopted, used or disclosed in relation to the individual’s personal information by an entity for the purpose of uniquely identifying the individual. - (a) an individual mentioned in section 53 (1) (a) or (b) ; or - (b) an individual the information commissioner recommends should be notified under section 61 (4) . - (a) the name of the individual; - (b) the contact details of the individual; - (c) the date of birth of the individual; - (d) an identifier for the individual; - (e) if the individual is deceased—the date of the individual’s death.