Govt agencies will soon need privacy officers


By Dylan Bushell-Embling
Wednesday, 08 November, 2017


Govt agencies will soon need privacy officers

Australian government agencies will need to develop and measure their performance against a privacy management plan and appoint a dedicated privacy officer under new obligations due to take effect in July next year.

The Office of the Australian Information Commissioner's (OAIC) new Australian Government Agencies Privacy Code was registered last month.

The code lays out key steps all agencies covered by the Privacy Act must take to ensure a best practice approach to privacy governance.

Under the code, agencies will be required to draw up a privacy management plan that identifies specific, measurable privacy goals and targets and sets out how the agencies will meet their privacy obligations. These goals and targets must be subject to at least annual performance measurements.

In addition, agencies will at all times need to have at least one designated privacy officer that will act as the primary point of contact for advice on privacy matters within an agency.

The officer will also handle internal and external privacy inquiries, complaints and requests for access to personal information, maintain records of an agency's personal information holdings and liaise with the OAIC.

Agencies will also need to have a privacy champion tasked with promoting a culture of privacy within the agency and providing leadership on strategic privacy issues.

The code also stipulates that agencies must conduct a privacy impact assessment for all high privacy risk projects — any project that involves any new or changed ways of handling personal information that are likely to have a significant impact on the privacy of individuals.

Finally, the code requires agencies to include appropriate privacy education or training in any staff induction program it provides and to conduct regular reviews and updates of their internal privacy practices.

Image credit: ©iStockphoto.com/Brian Jackson

Follow us and share on Twitter and Facebook

Related News

US Cyber Command, NSA team to keep elections secure

The US is "laser focused" on securing its election processes from foreign interference,...

OVIC updates security incident notification scheme details

The scheme requires agencies or bodies to inform OVIC of incidents that compromise the...

US NASCIO calls for harmonised security regulations

Cybersecurity features heavily in the the US National Association of State CIOs (NASCIO) list of...


  • All content Copyright © 2020 Westwick-Farrow Pty Ltd