Privacy introduction


Published on

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Privacy introduction

  1. 1. Privacy Introduction “Privacy Matters”
  2. 2. Presentation Overview Content Module One Legislation, Definitions & Key Exemptions Activity Pair Activity Module Two Collection, Use & Disclosure Module Three Management & Access Activity DVD Module Four Complaints/ Post -Quiz “Privacy Matters”
  3. 3. Learning Objectives Today you will learn about Victorian privacy requirements This session will better equip you to understand: •collection, use & disclosure, management and access to personal information; •Perform your job functions in a manner consistent with privacy requirement; & •where to go for privacy related help. “Privacy Matters”
  4. 4. Icebreaker - PrYvacy Bingo Instructions: As quickly as you can complete a line of the pryvacy bingo card with names. The first person to get a vertical or horizontal line will win a prize Note you may only use a name once “Privacy Matters”
  5. 5. Module 1 Privacy legislation Information Privacy Act State government agencies, (Vic) 2000 local councils, Ministers & Statutory agencies. Health Records Act (Vic) 2001 Health information in Victorian public and private sectors, hospitals, doctors & employers. “Privacy Matters”
  6. 6. Module 1 Privacy – Key definitions Personal information Recorded information about a living identifiable or easily identifiable individual. Health information Information able to be linked to a living or deceased person about a person’s physical, mental or psychological health. Sensitive information Includes information about a person’s race or ethnicity and criminal record. Is a photo personal information? Are details of a person’s position and salary recorded on their personnel file? Small Group activity “Privacy Matters”
  7. 7. Module 1 Relationship to other laws Privacy laws What they say Examples Information If there is, any inconsistency • Section 30 of the Privacy Act between the Information Corrections Act 1991. (section 6). Privacy Act and a provision in another Act, the other Act’s • Section 141 of the Fair provision prevails to the Trading Act 1999. extent of the inconsistency. Are you familiar with what your primary legislation states you can do with personal information? Pair Activity “Privacy Matters”
  8. 8. Module 1 Court Services Courts & Tribunals are partially exempted from privacy laws in exercising their judicial or quasi- judicial functions. Are human resources functions covered? What about filming inside a court room? Would a court-issued subpoena be a judicial function? “Privacy Matters”
  9. 9. Module 1 Law enforcement exemption Who is covered? How does it work? Examples If there is a reasonable Corrections (Prisons, belief that non-compliance Police checks of the CCS & CORE); CAV; is necessary for law Register of Births and RAJAC; enforcement purposes; Deaths for name changes. Business Licensing then exempt from In emergency situations, Agency; & main collection, use, locating next of kin. Enforcement disclosure and transfer Management. obligations, but still must Inspectors investigating comply with some motor car traders. requirements. “Privacy Matters”
  10. 10. “Privacy Matters”
  11. 11. Module 1 Law enforcement agencies IPP8 IPP1.1 & IPP2.2 IPP3 IPP4 IPP5 1.2 If lawful Collect Record uses Be Be Have and personal & disclosures accurate secure privacy practicable information between law policies & offer responsibly enforcement processes anonymity agencies “Privacy Matters”
  12. 12. Module 2 other functions? • For all other non-judicial and non-law enforcement functions employees must comply with the 10 information privacy principles (IPPs) • The IPPs are connected and guide how personal information should be handled: • Collection (IPPs 8, 1, and 10); • Use and Disclosure (IPPs 2 and 9); • Management of personal information (IPPs 3,4, 5, & 7); and • Access and Correction (IPP6 and FOI) “Privacy Matters”
  13. 13. Module 2 Collection Collection (IPPs 8, 1, and 10) Preserve anonymity if you can. Collect only what you need. Do it lawfully, fairly, directly and not unreasonably intrusively. Tell people you are doing it and why through a privacy statement. Be extra careful with sensitive information. Scenario Photos are taken at the end of year staff party. The photos are added to a bank of stored images used for promotional purposes in newsletters and the website. Are there any collection issues? “Privacy Matters”
  14. 14. Module 2 Tips for compliance • When drafting or handling forms check for a privacy statement. Think of a statement as a food label. • Be able to justify why you need personal information if asked. • Do not over collect personal information. • Be mindful, if investigating crimes, to act within the law and collect fairly. “Privacy Matters”
  15. 15. Module 2 Use and Disclosure Think of a traffic light when disclosing personal information. you must you may you can’t Disclosure is You have choice No choice mandatory “Privacy Matters”
  16. 16. Module 2 You may disclose under IPP2 Under IPP2 you may disclose: to law enforcement agencies for the purpose of prevention, detection, • with consent. investigation, prosecution or punishment of criminal offences or breaches of a law. • if information is from a publicly available source. where the information is reasonably • information for statistical or research believed to be necessary to lessen or purposes; no identifiers. prevent a serious threat to public health / safety / welfare. • investigation of unlawful activity. • other reasons in IPP2. “Privacy Matters”
  17. 17. Use & Disclosure Scenario In 2003 the Arthurs Seat chairlift collapsed and 18 people were injured. The chairlift managing director was quoted in the media saying that he wished to extend his best wishes to those injured however was prevented from doing so as privacy laws prohibited the police releasing the names of the people involved. Considering the use and disclosure principle, what options exist for providing an apology to the victims? “Privacy Matters”
  18. 18. Module 3 Management of personal information “Privacy Matters”
  19. 19. Module 3 Management & Access Access and Correction (IPP6 & FOI Act) People have a right to access & correct personal information. Assume people will see what you write. If involved in discovering documents respond promptly. Management (IPPs 3, 4, 5 & 7) Keep personal information accurate & secure. Follow Departmental policies. “Privacy Matters”
  20. 20. DVD • When watching the DVD consider – – What the privacy issues might be? – Whether you or your work area may have experienced a similar situation? “Privacy Matters”
  21. 21. Module 4 Complaints “Privacy Matters”
  22. 22. What constitutes a privacy complaint? • A breach of a privacy principle • A complainant may be concerned about: – a mix up in correspondence – gossiping about them in their community – a facsimile or email sent to the wrong person – their information being out of date or incorrect on a database “Privacy Matters”
  23. 23. Complaint intake • Anyone can complain using the privacy complaint form available on J-NET • In the first instance you need to refer any potential privacy complaint to your business unit privacy coordinator • The Coordinator will follow the department’s privacy complaint handling policy and procedure “Privacy Matters”
  24. 24. Recap & Key Messages • Most information held by the department will be capable of being personal information • The privacy principles are about the right information to the right people for the right reason at the right time • Build privacy protections into your work area and work practices • Follow privacy policies and bring privacy incidents to your manager’s attention “Privacy Matters”
  25. 25. Where to go for help? • Privacy, Records Management & Freedom of Information materials are on J-NET>Our Business>Knowledge Management • Each of the Dept’s business units has a Privacy Coordinator – Gaming & Racing- Mai Hua 8684 6401 – Human Resources – Bree Tozer 8684 0052 – Corrections Victoria - Lina Marrocco & Joanna Richardson 8684 6576/6572 - Crime & Violence Prevention – Georgia Dodds 8684 1717 - Brent Carey, Senior Privacy Adviser can be contacted on 8684 0071 or by e-mail • EDRMS (records) helpdesk 8684 0555; the FOI unit 8684 0063 • Privacy Victoria “Privacy Matters”
  26. 26. Training Quiz “Privacy Matters”