The Privacy and Data Protection Act 2014 (Vic) commenced on 17 September 2014, repealing the Information Privacy Act 2000 (Vic).
The inaugural Privacy and Data Protection Commissioner is David Watts, who had been the Acting Privacy Commissioner and the Commissioner for Law Enforcement Data Security.
The Commissioner has recently released Guidelines to Public Interest Determinations, Temporary Public Interest Determinations, Information Usage Arrangements and Certification. These are new mechanisms introduced by the Privacy and Data Protection Act.
Public Interest Determinations, Temporary Public Interest Determinations and Information Usage Arrangements enable public sector organisations to obtain an exemption from an Information Privacy Principle. Certification gives public sector organisations confidence that their information handling practices comply with the Information Privacy Principles.
In other recent developments:
- The Commissioner has announced that he is aiming to issue the new Victorian protective data security standards by 30 June 2015 following a period of consultation. Most public sector organisations (excluding universities, councils, public hospitals and ambulance services) are required to comply with these standards.
- The Commissioner has expressed concern over public sector mobile apps, noting that 97% apps reviewed by the Commissioner had inadequate or confusing privacy information.
If you would like to find out more about these matters, or if you need assistance with updating your privacy policies in light of the commencement of the new Act, please contact Melanie Olynyk, Partner.