Government privacy code takes effect

The new Australian Government Agencies Privacy Code has taken effect, requiring all agencies to adopt a best practice approach to privacy governance across the APS.

The code requires agencies to have a privacy management plan in place, appoint at least one Privacy Officer to ensure compliance with the plan and appoint a senior official as a Privacy Champion to promote the value of personal information among employees.

In addition, agencies will be required to undertake a written privacy impact assessment for all high-risk projects and initiatives and keep a public register of all such assessments undertaken.

Finally, agencies must take steps to enhance internal privacy capability, including by providing appropriate privacy education or training both during staff induction and annually to all staff who have access to personal information.

To accompany the new code, the Office of the Australian Information Commissioner has developed resources including a Privacy Officer Toolkit, Interactive Privacy Management Plan and Privacy Impact Assessment eLearning Program. The office is also offering face-to-face training programs in Canberra and Sydney over the next few months.

"The commencement of the Code is not an end point, and the OAIC will continue to work with and support agencies to identify and address emerging privacy and security risks in the weeks, months and years beyond 1 July 2018," Privacy Commissioner Timothy Pilgrim said in a statement.

Image credit: ©stock.adobe.com/au/md3d

Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.