Australian Agencies Begin Complying with Privacy Code

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

By Kyle LaHucik

Australian government agencies must bring on a privacy officer and produce a written policy on how to handle personal information, under rules kicking in amid rising concerns over data breaches.

The Australian Government Agencies Privacy Code, which took effect July 1, also requires that departments appoint a senior official to provide “cultural leadership” for promoting privacy values, the Office of the Australian Information Commission said in a statement July 2.

Australia’s privacy regime is the latest to follow increased regulation and legislation in the global data privacy arena. The need for new regulations were underscored in the wake of revelations that Facebook Inc. shared content without users’ consent and Equifax Inc. failed to prevent a massive data breach. The European Union’s General Data Protection Regulation took effect on May 25. And in the United States, state governments are upgrading privacy rules to address data breaches and other privacy concerns.

The new Australian program requires agencies to create written polices called privacy impact assessments to cover “high privacy risk” projects that involve “new or changed ways” of handling personal information, the statement said. Agencies must post these assessments on the agency’s website.

Employees will receive ongoing privacy education and training, and government agencies must regularly assess the “adequacy of its privacy practices, procedures and systems,” the privacy code states.

Request Bloomberg Law: Privacy & Data Security