Information security and privacy incident notification form
What you should know before using this form
Organisations that are subject to the Victorian Protective Data Security Standards (VPDSS) under Part 4 of the Privacy and Data Protection Act 2014 (Vic) (PDP Act) must notify OVIC of certain information security incidents.
In addition, organisations that are subject to Part 3 of the PDP Act are encouraged to notify OVIC of incidents involving personal information that could cause harm to affected individuals.
Any organisation that is subject to the PDP Act can use this form to report incidents to OVIC, whether voluntarily or by obligation.
How will the information I provide be used?
We use the information you provide to help us manage information security and privacy incident notifications. This includes confirming that we received your notification and contacting you to discuss the incident if we need to.
We may also send your information to the Victorian Government Cyber Incident Response Service, if you want us to.
Information you enter onto this form is stored locally, in your browser, until you submit it. If you do not submit the form, the information you enter will stay stored locally in your browser until you clear the browser cache or delete any information you entered onto the form.