Protection of personal data in universities

Victoria’s Information Commissioner recently released a report following an examination of the privacy policies and procedures in eight Victorian universities. The report found that many universities don’t have clear policies to guide staff to destroy personal information when it is no longer needed. While Universities are prioritising ICT and cybersecurity risks, in general, they have less of a focus on managing risks to personal information related to physical and personnel security. The report includes recommendations for universities to strengthen the protection of personal information by developing policies and procedures to identify and document the personal information they hold, where it is held, and for sharing information with third parties and contracted service providers. InfoGovANZ is hosting a session with Sven Bluemmel – Victorian Information Commissioner to highlight the key findings of the report and discuss the recommendations, book your ticket here. Read more about the report here.