Privacy. New technologies, same responsibilities. Carole Fleeman Office of the Victorian Privacy Commissioner

Similar documents
Should privacy impact assessments be mandatory? David Wright Trilateral Research & Consulting 17 Sept 2009

Hong Kong Personal Data Protection Regulatory Framework From Compliance to Accountability

Privacy Impact Assessment on use of CCTV

This policy sets out how Legacy Foresight and its Associates will seek to ensure compliance with the legislation.

Robert Bond Partner, Commercial/IP/IT

Protection of Privacy Policy

Privacy Law in Canada: Obligations and Risks in the Cyber Age Dina L. Maxwell Associate Lawyer

PRIVACY IMPACT ASSESSMENT

Australian Census 2016 and Privacy Impact Assessment (PIA)

About the Office of the Australian Information Commissioner

ONR Strategy 2015 to 2020

CCTV Policy. Policy reviewed by Academy Transformation Trust on June This policy links to: T:Drive. Safeguarding Policy Data Protection Policy

What does the revision of the OECD Privacy Guidelines mean for businesses?

General Manager Assurance and Risk Management in Oakton;

Paola Bailey, PsyD Licensed Clinical Psychologist PSY# 25263

CCTV Policy. Policy reviewed by Academy Transformation Trust on June This policy links to: Safeguarding Policy Data Protection Policy

UK Research and Innovation Conflicts of Interest Policy

KKR Credit Advisors (Ireland) Unlimited Company PILLAR 3 DISCLOSURES

End of the Census. Why does the Census need reforming? Seminar Series POPULATION PATTERNS. seeing retirement differently

Primary IVF Conditions for Registration For Assisted Reproductive Treatment Providers under the Assisted Reproductive Treatment Act 2008

Malcolm Crompton. Future trends in consumer credit and privacy. Cockle Bay Wharf Sydney

Venturing into contracting?

Office for Nuclear Regulation Strategy

SPONSORSHIP AND DONATION ACCEPTANCE POLICY

BROOKSONONE.CO.UK SPECIALIST CONTRACTOR ACCOUNTANT BENEFITS OF USING A SPECIALIST CONTRACTOR ACCCOUNTANT

Seminar on Consultation on. Review of the Personal Data (Privacy) Ordinance. Why the review is being conducted and what this means to you

Privacy by Design: Integrating Technology into Global Privacy Practices

Corporate Services. Yes. Chief Executive Officer. Head of Legal and Compliance. Policy and Compliance Officer

The Information Commissioner s response to the Draft AI Ethics Guidelines of the High-Level Expert Group on Artificial Intelligence

PRIVACY IMPACT ASSESSMENT CONDUCTING A PRIVACY IMPACT ASSESSMENT ON SURVEILLANCE CAMERA SYSTEMS (CCTV)

Privacy Procedure SOP-031. Version: 04.01

Building DIGITAL TRUST People s Plan for Digital: A discussion paper

Cash Converters Financial Services Guide

Privacy Impact Assessments

Your complaint and the ombudsman easy read

Honourable Guests, Ladies and Gentlemen, In April 1995, the Personal Data (Privacy) Bill was introduced into the Legislative Council.

IT Contractors - The Benefits of Using a SPECIALIST CONTRACTOR & FREELANCER ACCOUNTANT. Brookson, here with all the right options

Your complaint and the ombudsman Easy read

Notice of Privacy Practices

Diana Gordick, Ph.D. 150 E Ponce de Leon, Suite 350 Decatur, GA Health Insurance Portability and Accountability Act (HIPAA)

The Island of Jersey...2. The Commissioners Chairman s Statement IMF Report Introduction Balance Sheet...

Privacy Management in Smart Cities

Anonymous registration: Supporting survivors of domestic abuse to register to vote

2018 Census Independent Privacy Impact Assessment 7 July Trust An independent assessment. Privacy

Privacy Policy. Catalyst.Net Limited. Version 1.0

Legal Aspects of the Internet of Things. Richard Kemp June 2017

Specialist Services Section

Privacy Policy SOP-031

Our position. ICDPPC declaration on ethics and data protection in artificial intelligence

TECHNOLOGY MADE SIMPLE ISO 27001:2013 ISO QUALITY SERVICES QUALITY SERVICES CERTIFICATED REGISTERED FIRM CERTIFICATED REGISTERED FIRM

EXPLORATION DEVELOPMENT OPERATION CLOSURE

PIA Expectations of the OPC

Pan-Canadian Trust Framework Overview

EXIN Privacy and Data Protection Foundation. Preparation Guide. Edition

Ten Principles for a Revised US Privacy Framework

Secure your information. Protect your view.

Christina Narensky, Psy.D.

Managing Technology Risks Through Technological Proficiency A Leadership Summary

CANADIAN CENTRE FOR ETHICS AND CORPORATE POLICY. Annual General Meeting. May 17, :30 7:00 pm

RBI Working Group report on FinTech: Key themes

CARAPELLI FOR ART COMPETITION RULES AND REGULATIONS

ICS GUIDE TO CONTRACTING

Lecture 7 Ethics, Privacy, and Politics in the Age of Data

COMMUNICATIONS POLICY

MOBILE DEVICE MANAGEMENT POLICY

Staffordshire Police

KEY ISSUES IN PRIVACY AND INFORMATION MANAGEMENT 2015

Guidelines for the Stage of Implementation - Self-Assessment Activity

Legislative and Regulatory Update. Diane Bowers, CASRO President CASRO Data Collection Conference November 19, 2009

«INTERNAL AUDITORS AND AUDIT COMMITTEES» Key Elements for sound Corporate Governance

Appointment of External Auditors

For all members and clients of Tarot Professionals.

BAUER & COTTRELL IR35 ASSOCIATE MEMBERSHIP SCHEME

Pickens Savings and Loan Association, F.A. Online Banking Agreement

2013 IT Risk/Reward Barometer: Asia-Pacific Results. October Unless otherwise noted, n = 343

technologies, Gigaom provides deep insight on the disruptive companies, people and technologies shaping the future for all of us.

APPEAL TO BOARD OF VETERANS APPEALS

GDPR Awareness. Kevin Styles. Certified Information Privacy Professional - Europe Member of International Association of Privacy professionals

VISUAL ARTS COLLECTION COORDINATOR

Mansfield & Ashfield Clinical Commissioning Group Newark & Sherwood Clinical Commissioning Group DISCIPLINARY POLICY

BUILDING A SAFER FUTURE GUIDANCE DOCUMENT

Dr Nicholas J. Gervassis University of Plymouth THE EMERGING UK DATA PROTECTION FRAMEWORK AND BEYOND

Policy for CCG Engagement with the Pharmaceutical Industry

Global Standards Symposium. Security, privacy and trust in standardisation. ICDPPC Chair John Edwards. 24 October 2016

Session 1, Part 2: Emerging issues in e-commerce Australian experiences of privacy and consumer protection regulation

Microsoft Submission in response to ALRC Discussion Paper 72, Review of Australian Privacy Law

Trade Secret Protection of Inventions

Regulatory Reforms in Mexico Energy Production and Environmental Protection. A Technical Regulator for a New Market Frame

Legal Issues Related to Accountable-eHealth Systems in Australia

ANEC response to the CEN-CENELEC questionnaire on the possible need for standardisation on smart appliances

2018 / Photography & Video Bell Lane Primary School & Children s Centre

First Components Ltd, Savigny Oddie Ltd, & Datum Engineering Ltd. is pleased to provide the following

Draft Final Report: Scientific Inquiry into Hydraulic Fracturing in the Northern Territory

FIPPs Fair Information Practice Principles

Your 12 Step Guide to Future Financial Freedom

3i Group plc Corporate responsibility report 2006

24 May Committee Secretariat Justice Committee Parliament Buildings Wellington. Dear Justice Select Committee member,

ESSENTIAL RECIPES FOR THE DIGITAL JOURNEY OF ENTERPRISES

Standards and privacy engineering ISO, OASIS, PRIPARE and Other Important Developments

MULTIPLE ENTRY CONSOLIDATED GROUP TSA USER AGREEMENT

Transcription:

Privacy New technologies, same responsibilities Carole Fleeman Office of the Victorian Privacy Commissioner

Victorian privacy regulators Office of the Victorian Privacy Commissioner (Privacy Victoria) Privacy awareness and education Receive and conciliate complaints Advise government on legislation and policy Audits Compliance notices Monitor developments in technology Office of the Health Services Commissioner

Privacy and technology Privacy laws were introduced in Victoria over 10 years ago because of the impact of technological change. Huge increase in the volume of info collected and stored Electronic information is more vulnerable and fluid Collection and use can be less transparent

What information might be collected and recorded about you on an average day?

What about in the very near future? Augmented reality glasses Billboards featuring you! Pay as you drive car insurance Technological change is happening very rapidly new technologies can be privacy enhancing but can also bring privacy risks.

Basic themes of privacy Privacy laws only apply to identifying information about people Openness and transparency Proportionality Purpose governs use Individual participation

What are your privacy responsibilities? Standing Directions of the Minister for Finance 3.4.13 Information Collection and Management consider statutory obligations under the Information Privacy Act The 10 Information Privacy Principles (IPPs) set the standard for handling information about people (customers and staff): Collection Collect the minimum amount of information necessary Provide notice to people about what will happen with their information Use and disclosure Generally only disclose for the purpose the information was provided Data quality and security

Common problems Data security Lost files, swipe cards, laptops, USB sticks Access control can staff access only the information they need for their current role? Emails - containing sensitive information or sent to wrong address Placing personal information online Disclosure Disclosure to the wrong person or disclosure of too much information Inconsistent procedures concerning disclosure Disclosure without proper collection notice

Common problems Data quality Out of date postal addresses Incorrect spelling of names and mixing up of client records Collection Collecting unnecessary information Not providing notice to people about what will happen with their information Outsourcing Engaging contractors without considering privacy

What s the cost of a privacy breach? To an organisation Damage to reputation Time investigating and responding to a breach Costs involved in changing procedures, IT systems etc Compensation payments

What s the cost of a privacy breach? UK council fined 80,000 for failing to secure an email. Ponemon Institute conducts independent research concerning data breaches in the private sector Data breaches involving outsourced data are common and costly. 2009 AUS study - the average organisational cost of a data breach, including activities intended to prevent a loss of customer trust is $1.97 million Annual studies conducted in UK and US frequency, size and cost of breaches all increasing

What s the cost of a privacy breach? To a person whose privacy has been breached Damage to reputation Embarrassment, humiliation etc Risk of identity theft Loss of income, job Exposure to domestic violence or other crime

Case studies

Current issues in privacy in Victoria Portable storage devices (USB keys, tablets, smartphones etc) If you lose a laptop, you can t do your work. If you lose a USB stick, nobody will ever know about it. (Larry Ponemon) Cloud computing While cloud computing can sound cheap and attractive, the potential risks might outweigh the benefits (Victorian Privacy Commissioner) Social networking Organisations have found that social media can be used to enhance transparency in government processes and increase engagement with the community. However, there are privacy concerns that need to be identified and addressed. (Victorian Privacy Commissioner)

Implementing new technologies Consider privacy early in the planning Undertake a Privacy Impact Assessment (PIA) PIAs are used to assess the privacy impact of a proposed project and identify ways in which any negative impacts can be mitigated and any positive impacts enhanced Consult with Privacy Victoria as needed

More information Privacy Victoria www.privacy.vic.gov.au 1300 666 444 Victorian Health Services Commissioner www.health.vic.gov.au/hsc 8601 5200 Federal Privacy Commissioner www.privacy.gov.au 1300 363 992

2024 © hobbydocbox.com Privacy Policy | Terms of Service | Feedback