Regulator Correspondence
Fictional exchanges illustrating tone and scope.
OAIC → LotusCare:
Please outline the steps taken to assess whether personal information
was involved and how affected individuals would be notified.
LotusCare → OAIC:
Assessment ongoing. No confirmation of disclosure at this stage.
We will update upon completion.
Formal correspondence (documents)
The following documents represent formal regulatory correspondence issued as part of a preliminary assessment under the Notifiable Data Breaches (NDB) scheme. No findings or compliance determinations have been made.
| Date | Document | Purpose | Ref |
|---|---|---|---|
| Day 3 | Notice of Preliminary NDB Assessment | Commences regulatory assessment | OAIC-01 |
| Day 3 | Information Request and Assessment Timeline | Requests initial facts and response actions | OAIC-02 |
| Day 4 | Internal Case Note (Redacted) | Internal regulatory record | OAIC-INT-01 |
Entities are reminded that a reasonable and expeditious assessment must be completed
within 30 days where an eligible data breach is suspected.