Privacy Awareness Week
Privacy Awareness Week highlights the importance of protecting personal information, and helps organisations, agencies and the public navigate the privacy landscape. This year’s theme was ‘Privacy 101 – Back to Basics’ and was celebrated from 1 – 7 May 2023.
The theme emphasised the importance of having controls in place in order to protect people’s privacy. The Office of the Australian Information Commissioner (OAIC) has developed some tips on how to keep people’s personal information safe based on the following themes:
- Know your obligations
- Have a privacy management plan
- Appoint privacy champions
- Assess privacy risks by undertaking a privacy impact assessment
- Privacy by design – collect only personal information that is necessary
- Protect personal information by ensuring secure systems are in place
- Simplify your privacy policy so that customers understand what they are agreeing to
- Train your staff and integrate privacy components to training
- Prepare for data breaches by having a response plan in place
- Continually review and improve your practices.
To read further, you can visit the Privacy Awareness Week page on the OAIC website.
Organisations might also find the Governance Toolkit for cyber security on the Australian Charities and Not-for-profits Commission (ACNC) website useful. The toolkit provides information on the cyber threats and risks non-for-profit organisations can face, and the strategies to mitigate those. At the end of the page, you will find templates and resources that can help you manage your cyber security strategy.
To find out how the Data Exchange keeps people’s information secure, go to the following documents:
- Information for clients about privacy - A factsheet on how privacy is protected in the Data Exchange, to aid your organisations' conversations about privacy with clients
- Privacy Impact Assessment - a report which identifies how the Data Exchange operates in accordance to the Privacy Act 1988
- The Data Exchange Protocols - a document that outlines each organisation's privacy obligations and consent procedures
Useful Tips
Do you foresee a change in staffing, or is the person entering data into the Data Exchange about to go away? If so, please update your organisation’s Data Exchange access to include other staff members. This helps to ensure your organisation can report regularly and meet the next reporting deadlines.
It is also timely to remove the access of any staff who are no longer employed or no longer require access to the DEX system.
For more information on how to add and edit users, you can use the Add and Edit User task card on the Data Exchange website.
Data Exchange Planned Maintenance
There is no planned maintenance for this month.