Privacy Connections — 10 March 2014

Consultation — OAIC's privacy regulatory action policy

The Office of the Australian Information Commissioner’s (OAIC) privacy regulatory action enforcement policy is now available for consultation.

The OAIC's privacy regulatory action policy explains the OAIC’s range of powers and its approach to using its privacy regulatory powers and making related public communications.

The OAIC has developed this guidance to outline and explain the approach to using its privacy regulatory action powers. The guidance covers both existing powers and the new powers conferred on the Information Commissioner under privacy law reform.

The OAIC is currently developing the Guide to the OAIC’s privacy regulatory action, which will outline the situations and manner in which the OAIC will take regulatory action.

The OAIC welcomes comments by close of business Friday 28 March 2014.

Read the draft policy 
Read the consultation paper


Consultation — Guide to undertaking privacy impact assessments

The Office of the Australian Information Commissioner has updated the Guide to undertaking privacy impact assessments to take account of changes under privacy law reform. This updated guide is now available for public consultation.

The OAIC welcomes comments by close of business Friday 28 March 2014.

Read the draft guide
Read the consultation paper


APP guidelines HTML now available

The OAIC has published an HTML version of the APP guidelines.

Access the guidelines


Statement — Cyber-attacks do not mean businesses are ‘off the hook’

The OAIC has released a statement confirming that while an organisation may not be found to have ‘disclosed’ personal information following a data breach or cyber-attack (under APP 6), the organisation may still be found in breach of APP 11 if it did not take reasonable steps to protect the information from unauthorised access, such as a cyber-attack.

Read the statement


Privacy (Persons Reported as Missing) Rule 2014 and guide

The Privacy (Persons Reported as Missing) Rule 2014 has now been registered on the Federal Register of Legislative Instruments (FRLI).

Subsection 16A(2) of the amended Privacy Act states that the Commissioner may make rules relating to the collection, use or disclosure of personal information by APP entities to assist in the location of missing persons.

The OAIC has released a guide to assist APP entities and others to understand and use this new legislative instrument. 


Privacy Amendment (External Dispute Resolution Scheme — Transitional) Regulation 2014

The Information Commissioner, under s 35A of the Privacy Act 1988 as amended by the Privacy Amendment (Enhancing Privacy Protection) Act 2012, can recognise external dispute resolution (EDR) schemes to handle particular privacy-related complaints.

A transitional 12 month exemption from the requirement to be a member of a recognised EDR scheme has been put in place for energy and water utilities and commercial credit providers. Further information on the reasons for the temporary exemption can be found in the explanatory statement to the Privacy Amendment (External Dispute Resolution Scheme — Transitional) Regulation 2014.


Event — iappANZ worshops

iappANZ will hold a series of workshops during March in Melbourne, Sydney and Brisbane.

For more information about the events see the iappANZ website


Privacy Awareness Week 2014

Privacy Awareness Week (PAW) will be held from 4–11 May 2014.  Get involved early and sign up as a PAW partner. This is the perfect way to demonstrate to your staff and stakeholders that your organisation is committed to best privacy practice. Being a partner is a non-financial arrangement. We just ask that you actively promote privacy awareness during the Week.

More information about our events will be available soon. Please get in touch with the OAIC to find out more.


Please share this Privacy Connections newsletter with your colleagues so they can they can stay up to date with privacy developments, including privacy law reform. They can subscribe to this e-Newsletter or send an email to corporate@oaic.gov.au

 

 

 

 

 

 

 

 

Changes to privacy law

Content found in this section or on this page may no longer reflect the current law.

> Read more: Privacy law reform

Share this page

Protecting information rights — advancing information policy