An ABC investigation has exposed privacy breaches of the central police records database that holds files on millions of Australians.

The Computerised Operational Policing System (COPS) database holds more than 40 million records that can be accessed by NSW's 16,000 police officers.

Lawyers have warned the data breaches uncovered by the ABC show people's information stored in COPS is at risk.

Key points: The COPS database keeps information on victims, offenders and incidents requiring police action

The COPS database keeps information on victims, offenders and incidents requiring police action A police accountability lawyer says privacy breaches could have long-term ramifications

A police accountability lawyer says privacy breaches could have long-term ramifications NSW Police say the COPS database follows national guidelines

Single mother-of-three Talia Odone from Cooma had separated from her boyfriend when she became aware he had received information held on a COPS file.

She suspected her ex-boyfriend's neighbour — a policeman — had some involvement in the matter.

"It was like being sucker-punched, just the idea that someone in such a position of power and authority would give information to someone so willingly," Ms Odone said.

Ms Odone complained about the privacy breach to Cooma Police, who confirmed there had been unusual "access to her file" and launched an investigation.

Do you know more? Contact us. Please use a private email if you wish to send confidential information.

In an official response to Ms Odone, Monaro Police District Superintendent Paul Condon upheld her privacy complaint and also found a false record had been created in her COPS file.

"It was devastating," she said.

"I'm a very private person for many reasons and to think that information was passed onto someone who had no right to it … was just an enormous shock."

In the response, police confirmed an officer had been the focus of their inquiry, however, he had since resigned from the force.

Ms Odone said she had her "suspicions" that the false record either accused her of harassment or was based around a mental health complaint.

A NSW Police spokesperson told the ABC that despite the findings of the internal investigation, a subsequent criminal investigation had stalled.

"For this investigation to proceed, police require ongoing cooperation from witnesses and a willingness to give evidence in court," a statement said.

Talia Odone complained about her privacy breach to Cooma Police. ( ABC News: Peta Doherty )

The former police officer who entered the false COPS record disputes the findings of the internal probe.

The former constable said he was "doing everything he was trained to do", and had "created an event" after the ex-boyfriend chatted with him about Ms Odone.

He conceded the ex-boyfriend was his friend and the unverified COPS entry was gathered while he was off-duty.

"He's my neighbour. I've been to barbecues at his house, he's been to barbecues at my house," he said.

He added that in a town where "everyone knows everyone", it was acceptable for police to lodge reports for friends.

"I haven't committed any crime. I haven't done anything wrong.

"All I've done is create an event for an incident that was reported to me like I have 1,000 times in the past," he said.

Police sources have told the ABC that accessing and entering information is a routine duty, and the bulk of the COPS database is accessible to any rank-and-file officer.

Whistleblower's file accessed 200 times

Documents obtained under freedom of information (FOI) laws show police accessed the records of Richard McDonald, an ex-cop who became a police whistleblower.

In 2014, Mr McDonald exposed in the media the criminal records of 400 serving police, revealing many had form for drink driving, assault and break-and-enter.

Concerned about retribution, Mr McDonald sought access to his COPS file under FOI laws.

His entry was opened almost 200 times in two years after a television appearance, including by senior police analysts.

"It was clear that as soon as that information went to the press, the New South Wales Police were looking into me very extensively," he said.

"There's no reason to be looking into me."

Former police officer Richard McDonald feels he was targeted after whistleblowing. ( Supplied )

Mr McDonald complained to police and asked if the scrutiny related to his whistleblowing.

"They're hiding behind public interest immunity, that they don't need to tell me why I was being looked into, which is absurd," he said.

A police spokesperson said COPS access by officers was "authorised" and "in line with their duty".

Police accountability lawyer David Porter said both cases indicated the need to better protect and audit data collected by the force.

He said privacy breaches in the COPS database could have "ramifications for years to come".

"It's similar to a hospital patient having their health information disclosed," he said.

"It can be very intimate personal information, which should be protected in a very serious way."

President of the NSW Council for Civil Liberties Pauline Wright said better oversight and more training was needed.

"This is an enormous databank of information that they have access to and they need to be taught the real impacts on real people, innocent people's lives, if that data is breached," she said.

In answer to all concerns, a NSW Police spokesperson said that "numerous levels of governance, audit and oversight" were applied to the COPS database.

The ABC understands the Law Enforcement Conduct Commission is now reviewing Mr McDonald's complaint.