
A short guide to privacy law: Part 2

Guy Betar | Aug. 7, 2015
In the first article in this series, I looked at the general requirements of the Privacy Act and provided examples of how your organisation can deal with certain types of breaches.

St. Vincent's accepted all of the assessments, and no doubt is working to address them. There are some valuable general guidelines to be drawn from this assessment.

Related organisational policy or procedural topics, like privacy and security management pertaining to it, should be consolidated into one manual or source.

Induction and topic training should be supported by written materials, and refresher courses for that training should be provided at regular intervals. The supporting written materials ought to be reviewed and updated regularly as well.

As with training materials, security and access management systems and protocols need to be regularly reviewed and, where appropriate, updated and/or expanded. Systems and controls need to be in place to monitor clearly how personal information is being accessed and used, and by whom.

A regular review of your privacy compliance will not only ensure compliance with Australian privacy law; it can in fact give you a much-needed, refreshed perspective on your IT and security systems, as well as your internal policies and procedures.

 
