About Us

The Office for the Commissioner for Privacy and Data Protection (CPDP) administers the Privacy and Data Protection Act 2014 (PDPA). The PDPA regulates three areas of activity:

• information privacy
• protective data security
• law enforcement data security

The key purposes of the PDPA are:

• to provide for responsible collection and handling of personal information in the Victorian public sector
• to provide remedies for interference with the information privacy of an individual
• to establish a protective data security regime for the Victorian public sector
• to establish a regime for monitoring and assuring public sector data security

 

Key Functions

The key functions of the Commissioner with regard to information privacy are:

• to promote awareness and understanding of the Information Privacy Principles (IPPs)
• to receive complaints about possible breaches of the IPPs by public sector organisations and local government
• to conduct audits to assess compliance with the IPPs
• to undertake research, issue reports, guidelines and other materials with regard to information privacy

The key functions of the Commissioner with regard to protective data security and law enforcement data security are:

• to develop the Victorian Protective Data Security Framework
• to issue protective data security standards and law enforcement data security standards
• to conduct monitoring and assurance activities to assess compliance with those standards
• to undertake research, issue reports, guidelines and other materials with regard to protective data security