• Skip to main content
  • Skip to footer

InfoGovANZ

Information Governance Think Tank

  • Home
  • About Us
    • Our Goals
    • Our Leadership
    • Founder & Executive Director
      • Susan Bennett
    • International Council
      • Susan Bennett
      • Sarah Auva’a
      • Denise Backhouse
      • Barclay T Blair
      • Brynmor Bowen
      • Dr Pietro Brambilla
      • Ronke Ekwensi
      • Carol Feuerriegel
      • Aurelie Jacquet
      • Richard Kessler
      • Ilana Lutman
      • Lynne Saunder
      • Tarun Samtani
      • Dr Pieter Van Der Walt
    • Member Profiles
    • News
  • Events & Workshops
  • Supporters
    • Corporate Partners
    • Education Partners
    • Industry Alliances
  • Resources
    • AI & Ethics
    • COVID-19
    • Cyber & Info Security
    • Data & Infonomics
    • eDiscovery
    • Information Governance
    • IGANZ Industry Reports
    • Privacy
    • Records Management
    • IG Case Studies
    • The Governance of Things – Keeping Our Members Up To Date
    • This Month’s Featured Articles
    • Webinar Recordings
  • Contact
  • Join
  • Member Login
  • My Account
    • My Account
    • Webinar Recordings

Privacy Act Review Report

February 17, 2023 by InfoGovANZ

The long awaited report reviewing Australia’s Privacy Act 1988 has been released by the Australian Government, proposing significant changes including individual rights modelled on the GDPR, such as the right to request erasure, and notification of databreaches to Office of the Australian Information Commissioner within 72 hours.

Attorney-General Dreyfus’ statement releasing the report says, ‘the Privacy Act has not kept pace with the changes in the digital world. The large-scale data breaches of 2022 were distressing for millions of Australians, with sensitive personal information being exposed to the risk of identity fraud and scams.’

In relation to security, destruction and notifiable databreaches the report states, ‘recent large-scale data breaches have highlighted the vast amount of personal information that is collected and retained by entities, and the need for entities to put in place stronger protections to prevent unauthorised access to Australians’ information. The best way to protect personal information is for entities to minimise the amount of personal information they collect and retain. The Act already requires entities to only collect what is reasonably necessary and to destroy personal information when it is no longer required. This requirement would be reinforced through enhanced OAIC guidelines for entities on the reasonable steps they should take to destroy or de-identify personal information so that they can be in a better position to meet their obligations. In addition, this Report proposes that entities should determine, and periodically review, the period of time for which they retain personal information. There should be a further review of legal provisions outside of the Privacy Act that require certain forms of personal information to be retained. This further work should determine if those requirements appropriately balance the intended policy objectives with the privacy and cyber security risks of entities holding significant volumes of personal information. The Report also proposes enhancements to the Notifiable Data Breach scheme (NDB scheme) so that, when a data breach occurs, quick action can be taken to minimise harm to affected individuals. Proposed new data breach reporting obligations, including notifying the Information Commissioner (IC) within 72 hours of becoming aware of a data breach, would assist with this objective. The Report also proposes further work to better facilitate reporting processes for entities with multiple reporting obligations.’

The Government is now seeking feedback on the 116 proposals in this report before deciding what further steps to take.

Submissions on the report are due on 31 March 2023.

Read the report here – https://bit.ly/3YAZ9b7

Filed Under: Featured, Latest News, Privacy

Footer

Information Governance ANZ Pty Ltd

Level 26, 1 Bligh St, Sydney 2000
Ph: +61 2 8226 8546
E: infogovanz@infogovanz.com

ACN: 611 611 360

Stay Informed

Linkedin Information Governance ANZ Twitter Information Governance ANZ

Become a Member

Get Event Notifications
  • Event Recordings
  • Become a Member
  • Cart
  • Checkout

Copyright © 2023 Information Governance ANZ Pty Ltd · Privacy Policy · Terms of Use