Director, Regulation and Strategy


1 Getting privacy right
Jacob Suidgeest, Director, Regulation and Strategy

2 Outline
Office functions and jurisdiction
Costs to business of getting privacy wrong
Securing personal information
Disclosure of personal information

3 Office of the Australian Information Commissioner (OAIC)
Extensive range of functions in Freedom of Information, Information Policy and Privacy
Privacy functions drawn from the Privacy Act 1988
OAIC may be replaced by an Office of the Privacy Commissioner

4 What does the Privacy Act cover
Privacy Act 1988 provides for the protection of an individual’s personal information
Privacy Act contains provisions that deal with: ‘personal information’, ‘sensitive information’ (which includes health information)
The OAIC also regulates: credit reporting information, TFNs, Healthcare Identifiers, Personally Controlled Electronic Health Records

5 Who does the Privacy Act cover
Australian Government agencies
Businesses with turnover of more than $3 million
All private health service providers
Exemptions: employee records, some small business, media
Others relating to credit reporting, healthcare identifiers, PCEHR, TFNs

6 Australian Privacy Principles
13 APPs replace IPPs and NPPs
Single set of principles
APPs apply to both private and public sectors – called ‘APP entities’
Structured to reflect the information life cycle from organisational preparedness, collection, through to use and disclosure, security and access and correction

7 Recent data breaches
‘80 Million Anthem customers hacked in data breach’ News8
‘DNA test names exposed online’ The Australian
‘Medical records discovered in garden shed after robbery’ IT News

8 Community expectations
90% of Australians continue to be concerned about their personal information being sent overseas
95% of people say that they should be informed how their information is handled and protected, and if it is lost
74% of Australians are more concerned about the privacy of their personal information in the online environment than they were 5 years ago
63% of Australians have chosen to not deal with a public or private sector organisation due to concerns about the way their personal information is used or protected

9 Securing personal information
Entities must account for the Human element
Mobile devices and bring your own devices
Trusted insider risk
Embedding privacy into projects

10 Use and disclosure
Is it personal information?
means information or an opinion about an identified individual, or an individual who is reasonably identifiable……

11 Use and disclosure
APP 6 says you can use or disclose information for the primary purpose for which it was collected. To use it for a secondary purpose an exception must apply.

12 Use and disclosure
APP 6.1(a) consent
APP 6.2(a)
- The individual would reasonably expect that secondary use or disclosure and
- the use or disclosure is related (directly related for sensitive information) to the primary purpose of collection

13 Use and disclosure
APP 6.2(b) use or disclosure is required or authorised by law
APP 6.2(e) the APP entity reasonably believes that the use or disclosure of the information is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.

14 Use and disclosure
s16A permitted situation 2:
(a) the entity has reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to the entity's functions or activities has been, is being or may be engaged in; and
(b) the entity reasonably believes that the collection, use or disclosure is necessary in order for the entity to take appropriate action in relation to the matter.

15 Stay up-to-date
www.oaic.gov.au
Privacy Awareness Week: 3–9 May 2015
APP guidelines
Data breach notification guide
Privacy impact assessment guide
Guide to Securing Personal Information
