#### 59ZI Privacy Commissioner may make guidelines 59ZI Privacy Commissioner may make guidelines > > (1) The Privacy Commissioner may make guidelines for the purpose of exercising the Privacy Commissioner’s functions under this Part. > > > (2) Without limiting subsection (1), the Privacy Commissioner may make guidelines about the following— > > > > > (a) whether access, disclosure or loss that occurs as a result of a data breach would be likely, or would not be likely, to result in serious harm to an individual, > > > > > (b) deciding whether to exempt a public sector agency for the following— > > > > > > > (i) reasons relating to serious risk of harm to health or safety, > > > > > > > (ii) cyber security reasons. > > > (3) The Privacy Commissioner must consult with the Minister responsible for this Act before publishing guidelines. > > > (4) Guidelines must be published on the Information and Privacy Commission’s website. > > **s 59ZI:** Ins 2022 No 74, Sch 1\[11\].

Previous section59ZHApproval of forms Next section59ZJDelegation by head of public sector agency