We are creating some awesome events for you. Kindly bear with us.

Development and implementation of Australian Public Service Privacy Governance Code among key 2017-18 priorities for OAIC

Development and implementation of Australian Public Service Privacy Governance Code among key 2017-18 priorities for OAIC

The Office of the Australian Information Commissioner (OAIC) has released its Corporate Plan for 2017–18, outlining its priorities and key success factors. During 2018, the implementation of the Notifiable Data Breaches scheme, the Australian Public Service Privacy Governance Code, the implications of the EU General Data Protection Regulation requirements and the review of the Credit Reporting Code will be key priorities for the OAIC’s privacy role.

The OAIC will also publish a regulatory action policy, and deliver more tools and guidance for Australian Government agencies on compliance with the Freedom of Information Act 1982. In 2017–18 OAIC plans to trial an early resolution process to assist more efficient processing of privacy complaints.

On 18 May 2017, the OAIC announced the development of the Australian Public Service (APS) Privacy Governance Code. The Code will be developed by the OAIC, in collaboration with the Department of Prime Minister & Cabinet (PM&C). It will play a key role in building public trust in the APS, support the Australian Government’s public data agenda and enhance privacy governance and capability.

The Code will apply to all Australian Government agencies subject to the Privacy Act 1988. The Code sets out requirements for agencies, such as having a privacy management plan, appointing a designated privacy officer, undertaking a written Privacy Impact Assessment (PIA) for all ‘high risk’ projects or initiatives that involve personal information and keeping a register of all PIAs conducted and make this available to the OAIC on request.

The code is expected to play a key role in building public trust in the APS, support the Australian government’s public data agenda and enhance privacy governance and capability. The OAIC will provide resources to support transition to the Code, and will monitor the success of implementation and its effect on building privacy management capability. OAIC will develop a maturity model to assist agencies to self-assess their privacy compliance under the APS Privacy Code.

During 2017–18 OAIC will also conduct assessments of Australian Government agencies. Targeted assessments will be conducted in the areas of national security, identity management, the data retention scheme, digital health and the enhanced welfare payment integrity data matching program.

In 2017–18 the OAIC will prepare for the implementation of the Privacy Amendment (Notifiable Data Breaches) Act 2017 (Notifiable Data Breaches scheme) on 22 February 2018. From February 2018, businesses and agencies with existing obligations under the Privacy Act will be required to notify the individuals whose personal information is involved in a data breach which, as described in the legislation is ‘likely to result in serious harm’. There is also a requirement to notify the OAIC.

The OAIC develop guidance and support tools for businesses and Australian Government agencies in relation to the Notifiable Data Breaches scheme and the My Health Records data breach notification scheme and provide information to the community about the commencement and operation of the Notifiable Data Breaches scheme.

The OAIC will continue to administer the legislated My Health Records data breach notification scheme.  The Australian government is in the process of extending the My Health Record to all Australians, unless they choose to opt out.

The changes to My Health Records Act 2012 in relation to notifying data breaches took effect on 1 March 2016. The changes have removed ambiguity to make clear that entities participating in the My Health Record system (i.e. the My Health Record System Operator, registered repository operators, registered portal operators and registered contracted service providers) must notify the Australian Information Commissioner and/or System Operator of potential and actual data breaches. Entities that do not comply with this obligation may be subject to a civil penalty of up to 100 penalty units ($21,000 for individuals and $105,000 for bodies corporate).

During 2017, the OAIC will also review the Privacy Guidelines for the Medicare Benefits and Pharmaceutical Benefits Programs under s135AA of the National Health Act 1953. 


Qlik’s vision is a data-literate world, where everyone can use data and analytics to improve decision-making and solve their most challenging problems. A private company, Qlik offers real-time data integration and analytics solutions, powered by Qlik Cloud, to close the gaps between data, insights and action. By transforming data into Active Intelligence, businesses can drive better decisions, improve revenue and profitability, and optimize customer relationships. Qlik serves more than 38,000 active customers in over 100 countries.


CTC Global Singapore, a premier end-to-end IT solutions provider, is a fully owned subsidiary of ITOCHU Techno-Solutions Corporation (CTC) and ITOCHU Corporation.

Since 1972, CTC has established itself as one of the country’s top IT solutions providers. With 50 years of experience, headed by an experienced management team and staffed by over 200 qualified IT professionals, we support organizations with integrated IT solutions expertise in Autonomous IT, Cyber Security, Digital Transformation, Enterprise Cloud Infrastructure, Workplace Modernization and Professional Services.

Well-known for our strengths in system integration and consultation, CTC Global proves to be the preferred IT outsourcing destination for organizations all over Singapore today.


Planview has one mission: to build the future of connected work. Our solutions enable organizations to connect the business from ideas to impact, empowering companies to accelerate the achievement of what matters most. Planview’s full spectrum of Portfolio Management and Work Management solutions creates an organizational focus on the strategic outcomes that matter and empowers teams to deliver their best work, no matter how they work. The comprehensive Planview platform and enterprise success model enables customers to deliver innovative, competitive products, services, and customer experiences. Headquartered in Austin, Texas, with locations around the world, Planview has more than 1,300 employees supporting 4,500 customers and 2.6 million users worldwide. For more information, visit www.planview.com.


SIRIM is a premier industrial research and technology organisation in Malaysia, wholly-owned by the Minister​ of Finance Incorporated. With over forty years of experience and expertise, SIRIM is mandated as the machinery for research and technology development, and the national champion of quality. SIRIM has always played a major role in the development of the country’s private sector. By tapping into our expertise and knowledge base, we focus on developing new technologies and improvements in the manufacturing, technology and services sectors. We nurture Small Medium Enterprises (SME) growth with solutions for technology penetration and upgrading, making it an ideal technology partner for SMEs.


HashiCorp provides infrastructure automation software for multi-cloud environments, enabling enterprises to unlock a common cloud operating model to provision, secure, connect, and run any application on any infrastructure. HashiCorp tools allow organizations to deliver applications faster by helping enterprises transition from manual processes and ITIL practices to self-service automation and DevOps practices. 


IBM is a leading global hybrid cloud and AI, and business services provider. We help clients in more than 175 countries capitalize on insights from their data, streamline business processes, reduce costs and gain the competitive edge in their industries. Nearly 3,000 government and corporate entities in critical infrastructure areas such as financial services, telecommunications and healthcare rely on IBM’s hybrid cloud platform and Red Hat OpenShift to affect their digital transformations quickly, efficiently and securely. IBM’s breakthrough innovations in AI, quantum computing, industry-specific cloud solutions and business services deliver open and flexible options to our clients. All of this is backed by IBM’s legendary commitment to trust, transparency, responsibility, inclusivity and service.

Send this to a friend