Online Data Breach Notification Scheme Training - Health Services (2024)

(for webinar format, click here)
(for non-health service providers, click here)


This course provides training for senior staff of health service provider organisations on the requirements of the Data Breach Notification Scheme (DBN Scheme) under the Commonwealth Privacy Act.

The DBN Scheme requires organisations that suffer a serious data breach to notify the Commissioner and individuals of the incident, having a major impact on how organisations manage incidents and the ramifications of breaches.

The course is industry-specific, addressing obligations and scenarios in the context of health services. It equips participants with a detailed understanding of:

•  the DBN Scheme requirements;
•  governance mechanisms required to meet obligations;
•  how prompt remedial action can prevent notification requirements being triggered;
•  how to apply scheme requirements in real-life scenarios;
•  issues to address in supplier and client contracts.

Users receive a bound Participant Handbook which contains course materials and provides a DBN Scheme reference handbook for future use.

The course can be purchased as a package (50% discount) with the Online Privacy Training for Privacy Officers & Managers - Health Service Providers course. The package discount will be applied automatically at the time of invoicing.

Key features

  • state-of-the-art e-learning platform
  • graded assessment
  • user reports
  • certificates of completion
  • deployable on client LMS (optional) (SCORM compliant)
  • simple pricing structure

Learning outcomes

Knowledge of:

  • an organisation's privacy obligations under the Privacy Act (all APPs and DBN Scheme);
  • how to apply obligations in practice (including core business processes);
  • how to identify and manage privacy risks;
  • how to maintain a privacy compliance framework;
  • how to perform the role of a privacy manager.

Who is the course for?

Senior staff with responsibility for managing privacy, eg Privacy Officer, Risk Manager, Records Manager, Division Manager.

Course outline

      Entities, information and acts
      Employee records
      Remedial action
2-Scheme requirements
      Breach Assessment
      Review exemptions
3-Breach assessment
      Suspected breaches
      "Eligible data breach"
      "Serious harm"
4-Data breach statement
      Contents of statement
      Sample statement
      To Commissioner
      To individuals
6-Jointly-held information
      Special provisions
      Contractual measures


The course is authored by Jeremy Douglas-Stewart, a specialist privacy lawyer at Privacy Law Consulting Australia. Jeremy was a member of the Privacy Commissioner's Consultative Group during her review of the Privacy Act in 2004/05 and of the Australian Law Reform Commission's Privacy Principles Roundtable in 2007. Jeremy has been delivering privacy training workshops since 2007 and is author of the Australian Privacy Law Handbook loose-leaf subscription service for lawyers.


1.5 hours (logins are valid for 12 months)

System requirements

An up-to-date web-browser is all that is required to view the courses - for example:

  • Windows: Microsoft Edge, Google Chrome, Mozilla Firefox
  • Mac: Apple Safari, Google Chrome, Mozilla Firefox


$260 + GST (single user licence)

Group discounts - 2 persons - 10%; 3 persons - 12.5%; 4 persons - 15%; 5+ persons - contact us to request a quote.

How to order

An invoice for payment will be sent following receipt of order.

Terms & Conditions: The purchase of this product is subject to the standard Terms & Conditions for Training Products - Electronic


Data Breach Notification Scheme-HSPs-1

Data Breach Notification Scheme-HSPs-2

Data Breach Notification Scheme-HSPs-3