This document discusses the Department of Human Services' implementation of Australia's privacy law reforms, which introduced the Australian Privacy Principles on March 12, 2014. A project team has been established to help business areas prepare for the new obligations. Steps taken include assessing necessary IT solutions, developing guidance resources, and coordinating an inter-departmental working group. The reforms require reviewing how personal information is managed to comply with the new, harmonized principles replacing previous privacy laws.
The document summarizes two bars located in the suburbs of Kuala Lumpur, Malaysia. Movida is located in a shopping complex and has an outdoor beer garden and indoor dance floor. It offers pizza, promotions on drinks, and spacious seating. The second bar, Ecoba, is located in PJ Trade Centre and has the largest outdoor patio in Kuala Lumpur featuring trees and greenery. It has a modern, urban design and cosmopolitan atmosphere. Both bars provide a more relaxed environment compared to bars in downtown Kuala Lumpur.
The summary is:
1) Hannah gives birth to triplets - Rachel, Laura, and Jo-anne - after already having twin sons Andrew and Richard, making her family quite large.
2) Richard forms a close friendship with the new neighbor Sadie, but Andrew becomes jealous of the attention Richard gives to Sadie.
3) Hannah returns to performing as her music career takes off again, but it means she has less time at home with her five children. Andrew acts out as a result of Hannah working more.
El documento resume la historia y características de YouTube. Fue fundado en 2005 por Chad Hurley, Steve Chen y Jawed Karim como un sitio para compartir videos. En 2006 fue adquirido por Google por $1.65 mil millones. Permite a usuarios subir, ver y compartir videos de forma gratuita usando el reproductor Flash.
Marley had difficulty finding work as a doctor and decided to try becoming a firefighter instead, hoping to use his medical skills to help people. He was given a probationary placement on the condition that he improve his fitness and mechanical knowledge. Aimee struggled to find her first job as a chef due to her lack of experience. She went to various restaurants and bars but was turned away. Trinity tried to get her reclusive sister Belladonna to go out more, but they ended up fighting after Trinity accused Belladonna of being pathetic, resulting in Belladonna slapping Trinity.
James invited Emma over to his house to plan an introduction to his mother while the rest of the family was out. Emma found a dress and was nervous but came to a birthday party where James' mother Teresa assumed Emma was James' friend and they had a brief conversation. The evening was focused on Megan becoming a teen. Meanwhile, Bernice's girlfriend Gracie had dumped her after hearing Bernice was sleeping around, though Bernice was trying to commit just to Gracie. Bernice clarified to a man who thought they were together that they were not exclusive.
Malika returns home from a sleepover to find that her home has been completely redecorated and taken over by Captain Grant Bellamy and two others. They explain that they were sent by the government to provide support to the community after a fire and believed Malika's family had died. Malika is upset but agrees to let them stay as long as they reimburse her and find her belongings. She finds her bedroom has been turned into a dormitory and is now shared with Ruby Mires and Lucas Hobb. Malika agrees to help the group rebuild the town in hopes of distracting herself from the loss of her parents.
A journey on the automation path.
Notes on how to migrate existing infrastructures to automation and how to introduce configuration management tools like Puppet, Chef, CFEngine on manually managed systems.
El documento habla sobre la videoconferencia, que permite reuniones entre grupos de personas en lugares alejados mediante comunicación simultánea de audio y video. Además de esto, puede ofrecer el intercambio de archivos y gráficos. El núcleo tecnológico usado es la compresión digital en tiempo real de los flujos de audio y video. La videoconferencia proporciona un mayor trabajo colaborativo entre personas geográficamente distantes y una mayor integración entre grupos.
The document summarizes two bars located in the suburbs of Kuala Lumpur, Malaysia. Movida is located in a shopping complex and has an outdoor beer garden and indoor dance floor. It offers pizza, promotions on drinks, and spacious seating. The second bar, Ecoba, is located in PJ Trade Centre and has the largest outdoor patio in Kuala Lumpur featuring trees and greenery. It has a modern, urban design and cosmopolitan atmosphere. Both bars provide a more relaxed environment compared to bars in downtown Kuala Lumpur.
The summary is:
1) Hannah gives birth to triplets - Rachel, Laura, and Jo-anne - after already having twin sons Andrew and Richard, making her family quite large.
2) Richard forms a close friendship with the new neighbor Sadie, but Andrew becomes jealous of the attention Richard gives to Sadie.
3) Hannah returns to performing as her music career takes off again, but it means she has less time at home with her five children. Andrew acts out as a result of Hannah working more.
El documento resume la historia y características de YouTube. Fue fundado en 2005 por Chad Hurley, Steve Chen y Jawed Karim como un sitio para compartir videos. En 2006 fue adquirido por Google por $1.65 mil millones. Permite a usuarios subir, ver y compartir videos de forma gratuita usando el reproductor Flash.
Marley had difficulty finding work as a doctor and decided to try becoming a firefighter instead, hoping to use his medical skills to help people. He was given a probationary placement on the condition that he improve his fitness and mechanical knowledge. Aimee struggled to find her first job as a chef due to her lack of experience. She went to various restaurants and bars but was turned away. Trinity tried to get her reclusive sister Belladonna to go out more, but they ended up fighting after Trinity accused Belladonna of being pathetic, resulting in Belladonna slapping Trinity.
James invited Emma over to his house to plan an introduction to his mother while the rest of the family was out. Emma found a dress and was nervous but came to a birthday party where James' mother Teresa assumed Emma was James' friend and they had a brief conversation. The evening was focused on Megan becoming a teen. Meanwhile, Bernice's girlfriend Gracie had dumped her after hearing Bernice was sleeping around, though Bernice was trying to commit just to Gracie. Bernice clarified to a man who thought they were together that they were not exclusive.
Malika returns home from a sleepover to find that her home has been completely redecorated and taken over by Captain Grant Bellamy and two others. They explain that they were sent by the government to provide support to the community after a fire and believed Malika's family had died. Malika is upset but agrees to let them stay as long as they reimburse her and find her belongings. She finds her bedroom has been turned into a dormitory and is now shared with Ruby Mires and Lucas Hobb. Malika agrees to help the group rebuild the town in hopes of distracting herself from the loss of her parents.
A journey on the automation path.
Notes on how to migrate existing infrastructures to automation and how to introduce configuration management tools like Puppet, Chef, CFEngine on manually managed systems.
El documento habla sobre la videoconferencia, que permite reuniones entre grupos de personas en lugares alejados mediante comunicación simultánea de audio y video. Además de esto, puede ofrecer el intercambio de archivos y gráficos. El núcleo tecnológico usado es la compresión digital en tiempo real de los flujos de audio y video. La videoconferencia proporciona un mayor trabajo colaborativo entre personas geográficamente distantes y una mayor integración entre grupos.
THE RIDDLE OF THE STANDARDS – WHEN WILL THE ISA EXPLOITATION RULES BE COMPLETE?iQHub
The document discusses the challenges surrounding the development of standards and guidelines to accompany the International Seabed Authority's exploitation rules for deep seabed mining. Over 50 standards and guidelines are planned to be developed in 3 phases, with some intended to be released alongside the rules in 2023. However, the coronavirus pandemic and a recent notice of application have disrupted the original plans. As of now, only 10 standards and guidelines are drafted, and many revisions may still be needed. With deadlines looming, there is a risk that some standards and guidelines may be released too late or not at all to adequately support the rules when they are finalized.
Using cloud services: Compliance with the Security Requirements of the Spanis...Miguel A. Amutio
Cloud Security Alliance EMEA Congress
Using cloud services: Compliance with the Security Requirements of the Spanish Public Sector
Text of the presentation by Miguel A. Amutio
This document provides a data management plan for the CarE-Service project. It establishes policies for managing data collected and generated by the project to ensure confidentiality, security, and compliance with relevant legislation. The plan describes procedures for collecting, storing, protecting, retaining, and destroying data. It also discusses how data will be shared and made FAIR (Findable, Accessible, Interoperable, and Reusable). The plan will be updated throughout the project as new data is generated or policies change.
The presentation provides an overview of the new ISO/IEC 17024 standard for certification of persons. It discusses the goals of revising the standard, including clarifying areas, incorporating guidance, and standardizing the format. Major changes in the new standard include more detailed requirements for impartiality management, certification body structure related to training, personnel requirements, records management, security, certification schemes, and the certification process. The presentation reviews the timeline of the revision process and issues addressed during the working group meetings.
20150630_D6 1_Legal and EthicalFrameworkand Privacy and Security PrinciplesLisa Catanzaro
This document provides an overview of the legal and ethical framework for the WITDOM project, which involves processing personal data in untrusted cloud environments. It discusses key European data protection and cybersecurity legislation and their application to new computing environments. Specifically, it examines the 1995 EU Data Protection Directive, the proposed General Data Protection Regulation, and the 2013 Network and Information Security Directive. It also assesses ethical guidelines to support human values like privacy, security and justice. The document identifies legal issues, principles and potential requirements or barriers to managing and protecting personal data in untrusted domains.
Developing an International OHS Management System StandardSue Trebswether
This presentation was delivered to the U.S. Technical Advisory Committee (TAG) that is working with International Organization for Standardization (ISO) PC 283 to develop an international standard for occupational health and safety management systems (ISO 45001). ASSE is administrator of the U.S. TAG and is secretariat of ANSI/ASSE Z10-2012, one of the foundational documents being used to draft the ISO standard.
From the FinTech Webinar Series. Explores:
1. Recent Federal Cybersecurity Developments: Executive Order, NIST Standards, Information-Sharing, Legislation
2. Privacy and Security Issues in Cloud Computing Contracts
3. International Privacy and Transferring Data Across Borders
4. Mobile Devices and Mobile Apps
5. Workplace and Corporate Governance Developments
6. The FTC’s New Rules Concerning Children’s Privacy
Main Description of project PDP4E of H2020 which tackle the compliance of GDPR through engineering by providing methods and tools to achieve this goal.
This document outlines the implementation of an Enterprise Document and Imaging Management System (EDIMS) for the Public Works Department (PWD) of the City of Austin. The project will be implemented in multiple phases, starting with a proof of concept in the Shared Services Division. The project aims to standardize records management, reduce paper storage, and make information more accessible. Key stakeholders include PWD management, CTM, and the Office of the City Clerk. The project will be governed by a Stakeholder Review Board and overseen by an Executive Steering Committee.
Business Solutions Seminar Series:
- Insight into a Successful Cloud Journey for Business
This presentation shared some pointers with SMEs the approach to quickly embrace Cloud Computing for their businesses.
The document discusses European patenting as it relates to innovation and standardization. It provides context on the relevance of standards and patents in digital technologies. It outlines the standardization process and cycles of innovation, addressing how patents fit within these cycles. It also discusses challenges with patent prosecution as they relate to standards, including issues of dissemination, confidentiality and risk management.
The document discusses European patenting as it relates to innovation and standardization. It provides context on the relevance of standards and patents in digital technologies. It outlines the standardization process and cycles of innovation, addressing how patents fit within these cycles. It also discusses challenges with patent prosecution as they relate to standards, including issues of dissemination, confidentiality and risk management.
Final Software Regs - Summary - 10-10-16Steve Roark
The IRS and Treasury Department released several pieces of guidance between 2001 and 2016 regarding software that qualifies for the R&D tax credit:
1) Initial guidance in 2001 established a "three-part high threshold of innovation test" but was quickly suspended due to taxpayer backlash.
2) Revised regulations in 2003 removed the controversial "discovery test" but did not provide final rules for internal-use software.
3) Later guidance defined categories of internal-use software that qualify for the credit versus software developed for commercial purposes or third-party use.
4) The latest 2016 regulations clarified eligible software categories and provided new examples, establishing largely stable rules after over 15 years of changes to the IRS
This paper presents guidance to cloud using organizations that cloud-native and cloud-enabled services may be used to implement the baseline technical controls with reference to capabilities available from major Cloud Service Providers.
The document discusses cybersecurity challenges related to protecting DoD's unclassified information. It outlines DoD's efforts to codify cybersecurity responsibilities through regulations and voluntary programs. It focuses on the requirements of DFARS Clause 252.204-7012, which requires contractors to safeguard covered defense information and report cyber incidents. The document provides guidance on implementing NIST SP 800-171 security requirements to protect covered information, documenting compliance, addressing cloud computing, and the flowdown of requirements to subcontractors.
This document summarizes a dissertation on digital forensics for cloud computing. It introduces challenges of investigating crimes in the cloud due to the remote and distributed nature of cloud data. It outlines contributions including identifying issues through hypothetical case studies, evaluating existing forensic tools for clouds, and developing new forensic tools and techniques for the OpenStack cloud platform. It also analyzes legal challenges and provides a sample search warrant. The goal is to further the understanding and capability of performing digital forensics investigations for cloud computing environments.
This document provides guidance on the selection and use of subsea leak detection systems. It summarizes current industry experience with subsea leak detection technologies and methods. The document covers relevant regulations, field experience to date, available technologies and their characteristics. It also provides guidance on designing, installing, operating, calibrating and improving subsea leak detection systems to reliably detect hydrocarbon discharges to the environment.
This document discusses mapping the forensic standard ISO/IEC 27037 to cloud computing. It provides an introduction to forensic science and digital forensics. It then discusses the notion of cloud forensics and how cloud computing environments present unique challenges to traditional digital forensic processes. The document proceeds to outline the key components of ISO 27037 regarding identification, collection, acquisition and preservation of digital evidence. It then provides examples of how these components may apply to cloud-based computers, peripheral devices, digital storage media and networked devices. The document concludes by discussing current challenges regarding cloud forensics and areas for future work.
THE RIDDLE OF THE STANDARDS – WHEN WILL THE ISA EXPLOITATION RULES BE COMPLETE?iQHub
The document discusses the challenges surrounding the development of standards and guidelines to accompany the International Seabed Authority's exploitation rules for deep seabed mining. Over 50 standards and guidelines are planned to be developed in 3 phases, with some intended to be released alongside the rules in 2023. However, the coronavirus pandemic and a recent notice of application have disrupted the original plans. As of now, only 10 standards and guidelines are drafted, and many revisions may still be needed. With deadlines looming, there is a risk that some standards and guidelines may be released too late or not at all to adequately support the rules when they are finalized.
Using cloud services: Compliance with the Security Requirements of the Spanis...Miguel A. Amutio
Cloud Security Alliance EMEA Congress
Using cloud services: Compliance with the Security Requirements of the Spanish Public Sector
Text of the presentation by Miguel A. Amutio
This document provides a data management plan for the CarE-Service project. It establishes policies for managing data collected and generated by the project to ensure confidentiality, security, and compliance with relevant legislation. The plan describes procedures for collecting, storing, protecting, retaining, and destroying data. It also discusses how data will be shared and made FAIR (Findable, Accessible, Interoperable, and Reusable). The plan will be updated throughout the project as new data is generated or policies change.
The presentation provides an overview of the new ISO/IEC 17024 standard for certification of persons. It discusses the goals of revising the standard, including clarifying areas, incorporating guidance, and standardizing the format. Major changes in the new standard include more detailed requirements for impartiality management, certification body structure related to training, personnel requirements, records management, security, certification schemes, and the certification process. The presentation reviews the timeline of the revision process and issues addressed during the working group meetings.
20150630_D6 1_Legal and EthicalFrameworkand Privacy and Security PrinciplesLisa Catanzaro
This document provides an overview of the legal and ethical framework for the WITDOM project, which involves processing personal data in untrusted cloud environments. It discusses key European data protection and cybersecurity legislation and their application to new computing environments. Specifically, it examines the 1995 EU Data Protection Directive, the proposed General Data Protection Regulation, and the 2013 Network and Information Security Directive. It also assesses ethical guidelines to support human values like privacy, security and justice. The document identifies legal issues, principles and potential requirements or barriers to managing and protecting personal data in untrusted domains.
Developing an International OHS Management System StandardSue Trebswether
This presentation was delivered to the U.S. Technical Advisory Committee (TAG) that is working with International Organization for Standardization (ISO) PC 283 to develop an international standard for occupational health and safety management systems (ISO 45001). ASSE is administrator of the U.S. TAG and is secretariat of ANSI/ASSE Z10-2012, one of the foundational documents being used to draft the ISO standard.
From the FinTech Webinar Series. Explores:
1. Recent Federal Cybersecurity Developments: Executive Order, NIST Standards, Information-Sharing, Legislation
2. Privacy and Security Issues in Cloud Computing Contracts
3. International Privacy and Transferring Data Across Borders
4. Mobile Devices and Mobile Apps
5. Workplace and Corporate Governance Developments
6. The FTC’s New Rules Concerning Children’s Privacy
Main Description of project PDP4E of H2020 which tackle the compliance of GDPR through engineering by providing methods and tools to achieve this goal.
This document outlines the implementation of an Enterprise Document and Imaging Management System (EDIMS) for the Public Works Department (PWD) of the City of Austin. The project will be implemented in multiple phases, starting with a proof of concept in the Shared Services Division. The project aims to standardize records management, reduce paper storage, and make information more accessible. Key stakeholders include PWD management, CTM, and the Office of the City Clerk. The project will be governed by a Stakeholder Review Board and overseen by an Executive Steering Committee.
Business Solutions Seminar Series:
- Insight into a Successful Cloud Journey for Business
This presentation shared some pointers with SMEs the approach to quickly embrace Cloud Computing for their businesses.
The document discusses European patenting as it relates to innovation and standardization. It provides context on the relevance of standards and patents in digital technologies. It outlines the standardization process and cycles of innovation, addressing how patents fit within these cycles. It also discusses challenges with patent prosecution as they relate to standards, including issues of dissemination, confidentiality and risk management.
The document discusses European patenting as it relates to innovation and standardization. It provides context on the relevance of standards and patents in digital technologies. It outlines the standardization process and cycles of innovation, addressing how patents fit within these cycles. It also discusses challenges with patent prosecution as they relate to standards, including issues of dissemination, confidentiality and risk management.
Final Software Regs - Summary - 10-10-16Steve Roark
The IRS and Treasury Department released several pieces of guidance between 2001 and 2016 regarding software that qualifies for the R&D tax credit:
1) Initial guidance in 2001 established a "three-part high threshold of innovation test" but was quickly suspended due to taxpayer backlash.
2) Revised regulations in 2003 removed the controversial "discovery test" but did not provide final rules for internal-use software.
3) Later guidance defined categories of internal-use software that qualify for the credit versus software developed for commercial purposes or third-party use.
4) The latest 2016 regulations clarified eligible software categories and provided new examples, establishing largely stable rules after over 15 years of changes to the IRS
This paper presents guidance to cloud using organizations that cloud-native and cloud-enabled services may be used to implement the baseline technical controls with reference to capabilities available from major Cloud Service Providers.
The document discusses cybersecurity challenges related to protecting DoD's unclassified information. It outlines DoD's efforts to codify cybersecurity responsibilities through regulations and voluntary programs. It focuses on the requirements of DFARS Clause 252.204-7012, which requires contractors to safeguard covered defense information and report cyber incidents. The document provides guidance on implementing NIST SP 800-171 security requirements to protect covered information, documenting compliance, addressing cloud computing, and the flowdown of requirements to subcontractors.
This document summarizes a dissertation on digital forensics for cloud computing. It introduces challenges of investigating crimes in the cloud due to the remote and distributed nature of cloud data. It outlines contributions including identifying issues through hypothetical case studies, evaluating existing forensic tools for clouds, and developing new forensic tools and techniques for the OpenStack cloud platform. It also analyzes legal challenges and provides a sample search warrant. The goal is to further the understanding and capability of performing digital forensics investigations for cloud computing environments.
This document provides guidance on the selection and use of subsea leak detection systems. It summarizes current industry experience with subsea leak detection technologies and methods. The document covers relevant regulations, field experience to date, available technologies and their characteristics. It also provides guidance on designing, installing, operating, calibrating and improving subsea leak detection systems to reliably detect hydrocarbon discharges to the environment.
This document discusses mapping the forensic standard ISO/IEC 27037 to cloud computing. It provides an introduction to forensic science and digital forensics. It then discusses the notion of cloud forensics and how cloud computing environments present unique challenges to traditional digital forensic processes. The document proceeds to outline the key components of ISO 27037 regarding identification, collection, acquisition and preservation of digital evidence. It then provides examples of how these components may apply to cloud-based computers, peripheral devices, digital storage media and networked devices. The document concludes by discussing current challenges regarding cloud forensics and areas for future work.
89. SIPPLEMENTARY BUDGET ESTIMATES – NOVEMBER 2013
TOPIC: PRIVACY LAW REFORM IMPLEMENTATION
PROGRESS
WITNESS: Sue Bird
Chief Counsel
The department is committed to the implementation of the Privacy Law
Reforms, including the introduction of the Australian Privacy Principles.
In readiness for 12 March 2014, a project team has been established and is
working across the department to assist business areas prepare for, and
implement, their responsibilities and obligations under the Privacy Reforms.
TALKING POINTS
The commencement of the Australian Privacy Principles in March
2014 will, to some extent, affect the way the department manages
personal information.
Steps taken so far in preparation of the Reforms
A project team has been established to provide assistance to all
areas of the department in preparation for the implementation of the
Privacy Law Reforms.
A network of divisional contact officers has been established to
facilitate the dissemination of information about the reforms and to
co-ordinate input from across the department about common
practices and procedures.
The project team has developed a number of resources for
business areas to assist in implementing the reforms, including
factsheets, process maps and information flow diagrams.
The project team is co-ordinating the input and assessment of
ICT-based solutions necessary to implement the privacy reforms,
in consultation with business areas and ICT stakeholders.
The department has convened an Inter-Departmental Discussion
Group with key service delivery agencies, to provide a forum for
sharing and developing implementation strategies.
Document 12
LEX 9654
Page 200
90. BACKGROUND
The Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Reform Act)
passed through the Australian Parliament on 29 November 2012 and received
royal assent on 12 December 2012.
The Reform Act includes a set of new, harmonised, privacy principles for both
the public and private sector, called the Australian Privacy Principles (APPs).
These principles will commence 12 March 2014 and replace the existing
Information Privacy Principles (IPPs).
There will be 13 new APPs. A number of the APPs differ from the existing IPPs
and will require the department to review, and in some cases modify, the way it
manages personal information.
The project team has adopted a phased approach to implementation, focusing
on three key areas:
Operational
(Advice and guidance to business areas about forms, manuals, letters,
instructions, notices, contracts)
Policy & Procedure
(Advice and guidance to business areas on activities concerning the
collection, release, storage and use of sensitive information)
Key focus areas
(Advice and guidance to business areas about customer records, employee
awareness, Customer messaging, Service delivery)
A number of briefings and forums have been held to assist business areas to
prepare for the privacy reforms.
On 30 April 2013, General and National Managers participated in a
‘familiarisation’ briefing presented by the Legal Services Division.
On 1 May 2013, the Australian Information Commissioner Professor John
McMillan presented an overview of the reforms to SES officers.
The project team have, on request, briefed various business areas across the
department about the reforms and have workshopped the potential impacts of
the reforms on those business areas’ operations.
Additional briefings continue to be provided to key branches to assist with
preparations for implementation of the reforms.
Cleared by: Sue Bird
Position: Chief Counsel, Legal Services Division
Date: /11/13
Contact Officer:
Phone:
Date: 18/11/13
Stakeholder Consultation: No
Document 12
LEX 9654
Page 201
s22
s22
91. DEPARTMENT OF HUMAN SERVICES BRIEF 3.2
Brief 3.2 (10/12/2014) Page 1 of 2
ADDITIONAL ESTIMATES – FEBRUARY 2014
TOPIC: PRIVACY LAW REFORM IMPLEMENTATION
PROGRESS
WITNESS: Sue Bird
Chief Counsel
The department is committed to the implementation of the Privacy Law
Reforms, including the introduction of the Australian Privacy Principles.
In readiness for 12 March 2014, a project team has been established and is
working across the department to assist business areas to prepare for, and
implement, their responsibilities and obligations under the Privacy Reforms.
TALKING POINTS
The commencement of the Australian Privacy Principles in
March 2014 will, to some extent, affect the way the department
manages personal information.
Steps taken so far in preparation of the Reforms
A project team has been established to provide assistance to all
areas of the department in preparation for the implementation of the
Privacy Law Reforms.
An assessment of the necessary ICT-based solutions to help
achieve compliance has been conducted. A three phased
approach to updating systems and work processes has been
agreed upon. Building of phase one ICT solutions has
commenced, with testing of solutions to occur shortly.
The project team continues to develop resources for business
areas to assist in implementing the reforms, including factsheets,
process maps and information flow diagrams.
The project team is co-ordinating the preparation of the
department’s Privacy Policy.
The department has convened an Inter-Departmental Discussion
Group with key service delivery and policy agencies, to provide a
forum for sharing and developing implementation strategies.
Document 15
LEX 9654
Page 209
92. Brief 3.2 (10/12/2014) Page 2 of 2
BACKGROUND
The Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Reform Act)
passed through the Australian Parliament on 29 November 2012 and received
royal assent on 12 December 2012.
The Reform Act includes a set of new, harmonised, privacy principles for both
the public and private sector, called the Australian Privacy Principles (APPs).
These principles will commence 12 March 2014 and replace the existing
Information Privacy Principles (IPPs) for government agencies, and National
Privacy Principles (NPPs) for private sector organisations.
There will be 13 new APPs. A number of the APPs differ from the existing IPPs
and will require the department to review, and in some cases modify, the way it
manages personal information.
A number of briefings and forums have been held to assist business areas to
prepare for the privacy reforms.
On 30 April 2013, General and National Managers participated in a
‘familiarisation’ briefing presented by the Legal Services Division.
On 1 May 2013, the Australian Information Commissioner Professor John
McMillan presented an overview of the reforms to SES officers.
The project team have, on request, briefed various business areas across the
department about the reforms and have workshopped the potential impacts of
the reforms on their business processes.
Additional briefings continue to be provided to assist business areas prepare
for the reforms.
Cleared by: Maris Stipnieks
TITLE: A/g Chief Counsel, Legal Services Division
Date: /02/2014
Contact Officer:
Phone:
Date: 13/02/14
Stakeholder Consultation: No
Document 15
LEX 9654
Page 210
s22
s22
93. DEPARTMENT OF HUMAN SERVICES BRIEF 3.2
Brief 3.2 (10/12/2014) Page 1 of 2
BUDGET ESTIMATES – JUNE 2014
TOPIC: PRIVACY LAW REFORM IMPLEMENTATION
PROGRESS
WITNESS: Maris Stipnieks
General Counsel, Programme Advice Legal and
Ombudsman Branch, Legal Services Division
The department is committed to the implementation of the Privacy Law
Reforms (including the introduction of the Australian Privacy Principles) that
took effect on 12 March 2014.
In readiness for the reforms, a project team was established and continues
working across the department to assist business areas to implement their
responsibilities and obligations under the Privacy Reforms.
TALKING POINTS
The commencement of the Australian Privacy Principles in
March 2014 has affected the way the department manages
personal information.
A project team was established to provide assistance to all areas
of the department in preparation for the implementation of the
Privacy Law Reforms.
An assessment of the necessary ICT-based solutions to help
achieve compliance was undertaken. As a result, a three phased
approach to updating systems and work processes is being
implemented, with all phases to be delivered by March 2015.
The project team continues to develop and refine resources for
business areas to assist in meeting compliance with the reforms,
including factsheets, process maps and information flow
diagrams.
The project team co-ordinated the preparation of the
department’s Privacy Policy, now available on the department’s
internet and intranet sites.
The Inter-Departmental Discussion Group of key service delivery
and policy agencies, convened by the department as a forum for
Document 16
LEX 9654
Page 211
94. Brief 3.2 (10/12/2014) Page 2 of 2
sharing and developing implementation strategies, continues to
meet.
An internal training package has been prepared and is being
delivered to ensure all staff are aware of their privacy obligations.
The department also prepared a whole-of-government e-learning
package, which is being implemented in a number of Australian
Government agencies.
BACKGROUND
The Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Reform
Act) passed through the Australian Parliament on 29 November 2012 and
received Royal Assent on 12 December 2012.
The Reform Act includes a set of 13 new, harmonised privacy principles for
both the public and private sector, called the Australian Privacy Principles
(APPs).
These principles commenced on 12 March 2014 and replace both the
existing Information Privacy Principles (IPPs) for government agencies and
the National Privacy Principles (NPPs) for private sector organisations.
The new requirements under the APPs have meant significant changes for
the department, including:
Changes to the methods by which the department collects personal
information;
Greater transparency in the department’s handling of personal
information, as articulated in the department’s privacy policy;
Changes to letters, forms and products collecting personal
information; and
Development and provision of training to all departmental staff on
the new privacy obligations.
Cleared by: Maris Stipnieks
Position: General Counsel, Legal Services Division
Date: DD/05/14
Contact Officer:
Phone:
Date: 22/05/14
Stakeholder Consultation: No
Document 16
LEX 9654
Page 212
s22
s22