This policy applies to all staff and contractors of NESA. This includes temporary and casual staff, as well as private contractors and consultants engaged by NESA to perform the role of a public official. This policy also applies to third party providers contracted to NESA, who hold personal or health information on behalf of NESA.
To the extent that this policy is inconsistent with any other NESA policy or procedure applying to data breaches, this policy applies. This policy will be reviewed in the next 12 months (and every two years thereafter), or as potential improvements are identified, whichever occurs earlier.