59GAssessors

#### 59G Assessors 59G Assessors > > (1) The head of a public sector agency may direct one or more persons to carry out the assessment (each an assessor). > > > (2) An assessor may be— > > > > > (a) an officer or employee of the agency the subject of the data breach, or > > > > > (b) an officer or employee of another public sector agency acting on behalf of the public sector agency the subject of the data breach, or > > > > > (c) a person acting on behalf of the public sector agency the subject of the data breach, or a person employed by that person. > > > > > > Example for paragraph (c)— > > > > > > An individual employed by a third party to carry out the assessment for the public sector agency the subject of the data breach. > > > (3) However, a person who the head of the agency reasonably suspects was involved in an action or omission that led to the breach is not permitted to be an assessor. > > > (4) An assessor must take all reasonable steps to ensure the assessment is completed within 30 days after the officer or employee of the agency becomes aware under section 59E(1). > > > (5) In this section— > > > > employee includes an individual engaged by the public sector agency under a contract. > > **s 59G:** Ins 2009 No 54, Sch 1 \[1\] (transferred from the Freedom of Information Act 1989 No 5). Renumbered and am 2009 No 54, Sch 1 \[1\]–\[11\]). Rep 2010 No 71, Sch 1 \[10\]. Ins 2022 No 74, Sch 1\[11\].