The Information and Privacy Commission (IPC) has launched a revised IPC Privacy Self-assessment Tool following a review and consultation with NSW Agencies.
Privacy Commissioner, Samantha Gavel said the Privacy Self-assessment Tool enabled Agencies to assess their systems and policies to ensure their compliance with privacy requirements under the Privacy and Personal Information Protection Act 1998 (PPIP Act) and the Health Records and Information Privacy Act 2002 (HRIP Act).
“The revised tool has been designed so that Agencies can perform an assessment of their privacy governance maturity while also tracking their progress in improving their privacy practices,” Ms Gavel said.
“[It] is an invaluable resource which will greatly assist all NSW Agencies in assessing their privacy governance and practices,” she said.
“Leaders who recognise the importance of good personal information handling in delivering services and building the trust of their customers, and actively encourage staff to embed privacy in their business processes, will make privacy core to the business and not just a compliance issue.”
With the Mandatory Notification of Data Breach (MNDB) Scheme coming into effect on 28 November, Ms Gavel encouraged all Agencies to visit the Tool ahead of this date.
She said the revised Tool built upon the previous version and now featured three components that worked together to assess, track and plan for governance maturity.
The three components include:
* A Maturity Matrix – a framework that describes the difference areas of practice to be assessed and what maturity looks like at each level;
* A Survey – the survey is used to collect data from various areas of the agency on the nature and effectiveness of their Agency’s governance practices; and
* A Management Document – this provides a space for Agencies to record their level of maturity, as well as plan and track activities to improve maturity.
“To assist Agencies in navigating the new Tools, the IPC has released a demonstration video outlining each of the components and how to use them effectively,” the Commissioner said.
IPC’s Privacy Self-assessment Tool and demonstration video can be accessed at this PS News link.