Information security and privacy incident notification form
Organisations that are subject to the Victorian Protective Data Security Standards (VPDSS) should notify OVIC of certain information security incidents. In addition, organisations that are subject to Part 3 of the PDP Act are encouraged to notify OVIC of incidents involving personal information that could cause harm to affected individuals.
Any organisation that is subject to the PDP Act can therefore use this form to report incidents to OVIC, whether voluntarily or by obligation.
Please use our online form to notify us of information security incidents.
If you’d prefer to download a document to print and fill out, please download the form in the sidebar and email it to incidents@ovic.vic.gov.au
Collection of personal information
The incident notification form collects personal information in the way of contact details. This includes your name, position title, organisation, contact number and email address for the purpose of follow up, research projects or activities set out in OVIC’s Regulatory Action Policy.
Where you provide personal information, OVIC may use it to provide you with return confirmation of receipt of your form, seek clarification on the contents of your form or report on any trends.
We ask that you do not include personal information anywhere other than the designated fields on this form.
When submitting your form via email, we may be able to identify you from your email address.
OVIC will not disclose your personal information without your consent, except where required or authorised to do so by law. You may contact OVIC to request access to any personal information you have provided to us by emailing enquiries@ovic.vic.gov.au.
For further information on how OVIC handles personal information, please review our privacy policy.