Guidelines

Guidelines for outsourcing in the Victorian public sector - Checklist - April 2017

Guidelines for outsourcing in the Victorian public sector - Accompanying guide - April 2017

Guidelines to surveillance and privacy in the Victorian public sector - April 2017

Guidelines to protecting the security of personal information: ‘Reasonable Steps’ under Information Privacy Principle 4.1 - January 2017

Information Sharing Guidelines March 2016

The Office of the Commissioner for Privacy and Data Protection has published Guidelines for sharing personal information for the Victorian public sector. The guidelines have been produced following extensive consultation across government. They identify the factors that inhibit appropriate information sharing and demonstrate why privacy is rarely a barrier. The guidelines set out the methodology that should be used when approaching an information sharing problem that involves personal information, and considers the steps that should be taken from information privacy, protective data security and record keeping perspectives.

Guide for Complainants under the Privacy and Data Protection Act 2014

Guide for Respondents under the Privacy and Data Protection Act 2014

Conciliation at the Office of the Commissioner for Privacy and Data Protection – for complainants

Conciliation at the Office of the Commissioner for Privacy and Data Protection – for respondents

Guide to the handling of complaints under the Privacy and Data Protection Act 2014 by the Victorian Civil and Administrative Tribunal

Guidelines to Public Interest Determinations, Temporary Public Interest Determinations, Information Usage Arrangements and Certification

Disclaimer

The Privacy and Data Protection Act 2014 (PDPA) replaced the IPA and established the Office of the Commissioner for Privacy and Data Protection (CPDP) in September 2014. The following material was published by the Office of the Victorian Privacy Commissioner and references the Information Privacy Act 2000 (IPA) current at the time of original publication.

The privacy provisions of the PDPA reproduce those in the IPA with some additions. In particular, the IPA’s ten Information Privacy Principles were incorporated into the PDPA without amendment.

Guidelines to the Information Privacy Principles. Edition 3, November 2011.
The Guidelines deal with the interpretation and application of the IPPs. They include general guidance, case notes and examples to assist public sector organisations to meet their obligations.

Responding to Privacy Breaches Guidelines Edition 1, May 2008.
The purpose of this guide is to provide assistance to organisations subject to the then Information Privacy Act (now Privacy and Data Protection Act) when a privacy breach occurs. Organisations should take preventative steps prior to a breach occurring by having appropriate policies and procedural safeguards in place. This guide is intended to help organisations take the appropriate steps in the event of a privacy breach and to provide guidance in assessing whether notification to affected individuals is required.

Responding to Privacy Breaches Checklist, Edition 1, May 2008.
The checklist has been developed to be used in tandem with the Responding to Privacy Breaches Guide. The purpose of this guide is to provide assistance to organisations subject to the then Information Privacy Act (now Privacy and Data Protection Act) when a privacy breach occurs.