If you work in government, you may have caught wind of the Australian Government Agencies Privacy Code, which is coming into force for government agencies on July 1st. So, is your agency prepared? Here’s everything you need to know about it to make sure you comply.
From the OAIC’s website: The Australian Government Agencies Privacy Code (the Code) was registered on 27 October 2017 and commences on 1 July 2018. The Code sets out specific requirements and key practical steps that agencies must take as part of complying with Australian Privacy Principle 1.2 (APP 1.2).
In layman’s terms, it means that government agencies need to standardise privacy governance so that there’s a consistent, high-standard way of managing personal and sensitive information across all government agencies.
The aim of the Code is to make sure that sensitive and personal information is handled with care by all government agencies.
Enforcing it will not only mean that there’ll be an inherent culture of respect for the value of privacy, but ultimately, it will help build public trust in how the government handles their information.
In other words, peace of mind - both for the government, in knowing that each individual’s privacy is being protected - and for the individual, who knows exactly how their data is being handled by each government agency.
To comply, government agencies will have to adjust their processes, and even make a few hires! Agencies will need to:
However, the Code is scalable and flexible - so it depends on the size of your agency, as well as the sensitivity and amount of personal information that the agency handles.
KYOCERA offers a service where we can help agencies become compliant - simply have your appointed privacy officer fill out this form and we’ll be in touch.
To the public, the Code means they’ll have greater visibility about how their data is being used. It shows them you’ve thought about their privacy, through the publishing of Privacy Impact Assessments for every government project.
PIAs detail how each project will impact the privacy of individuals - containing recommendations for how to manage and mitigate any negative impacts. They will give the public a full picture from a privacy perspective, going beyond compliance into the broader privacy risks and implications, and showing the community that your agency has considered whether they’ll find it acceptable.
PIAs will facilitate greater transparency by describing how personal information flows in a project, analysing the possible impacts on an individual’s privacy, and achieve project goals while minimising the negative and enhancing the positive privacy impacts.
It’s ever more important to ensure that your processes are secure, because the way you secure sensitive data will be made transparent to the general public.
Some best practice tips are to:
Additionally, because of the Privacy Champion and Privacy Officer requirements, there will be greater levels of data security across the board, simply because more staff have been dedicated to the protection of personal data.
If you’d like help in making you compliant with the Code, we’d be happy to give you a Privacy Impact Assessment - just >fill out this form to register your interest.
KYOCERA Document Solutions provides document management solutions that improve document cost control and security, while delivering greater productivity, reliability and uptime.