Examination of privacy and security in Victorian universities

Victoria’s Privacy and Data Protection Deputy Commissioner has commenced an examination into the protection of personal information in Victorian universities. The governance practices and policies of eight Victorian universities that have privacy obligations under the state’s Privacy and Data Protection Act 2014 will be examined.

The examination will ensure that Victorian universities protect personal information as required by the Information Privacy Principles (IPPs), which are the foundation of privacy law in Victoria and detail the minimum standard for how Victorian public sector organisations should manage personal information.

The examination will consider each university’s approach to identifying and managing security risks to personal information and supporting policy documentation.

Per IPP 4.1, Victorian organisations should take steps to protect the personal information they hold from misuse, loss, unauthorised access, modification and disclosure. To comply with IPP 4.1, organisations should identify risks to the personal information they hold and take reasonable precautions to manage those risks.

After the examination, the Privacy and Data Protection Deputy Commissioner will prepare a report outlining the results of the examination.

Image credit: ©stock.adobe.com/au/peshkova