The Protiviti View  | Insights From Our Experts on Trends, Risks and Opportunities

The Protiviti View

Insights From Our Experts on Trends, Risks and Opportunities
Search

POST

2 mins to read

Privacy Act 1988 Review: A Compliance Burden or Welcome Change?

Larger Font
2 minutes to read

It has been more than two years since the Attorney-General’s Department announced it would be undertaking a review of the Privacy Act 1988. The review will likely result in the most substantial amendment to the Act since what we now know as the Australian Privacy Principles (APPs) were introduced in 2000. The objective of the review “will consider whether the scope of the Privacy Act 1988 and its enforcement mechanisms remain fit for purpose”. Notable areas under consideration for reform in the review’s Terms of Reference include:

  • The definition of “personal information”;
  • Current exemptions;
  • Erasure/deletion of personal information;
  • The impact and effectiveness of the notifiable data breach scheme; and
  • The feasibility of an independent certification scheme for organisations to demonstrate compliance with Australian privacy laws.

What has happened since

The review was initially scheduled to commence in October 2020 but has experienced delays. Following the Department’s invitation for submissions in response to a published issues paper, the volume of interest and responses has been positive with many notable organisations providing feedback and opinions on areas of the current Act for reform. By the close of submissions, the department had received responses from private sector organisations such as Facebook, Atlassian and Google, as well as public sector agencies, academics and research centres, and even the Office of the Australian Information Commissioner (OAIC) itself.

Following a review of submissions received, the Department published a Discussion Paper in late October 2021. The Discussion Paper sets forth a number of proposed amendments to the Act. The Department requested responses to the Discussion Paper and the proposed amendments, seeking “more specific feedback on preliminary outcomes, including any possible options for reform”. The consultation period closed on 10 January 2022.

What is going to change

The Attorney-General’s Department’s Discussion Paper has proposed reforms to the Act in three key areas:

  1. Scope and application of the Privacy Act 1988;
  2. Protections afforded to individuals and their personal information; and
  3. Regulation of the Act and enforcement powers.

To learn more about what is going to change, the impact, and potential action items, read our paper.

Was this post helpful to you?

Thanks for your feedback!

Subscribe to The Protiviti View Blog

To face the future confidently, you need to be equipped with valuable insights that align with your interests and business goals.

In this Article

Authors

Marc Coleman

By Marc Coleman

Verified Expert at Protiviti

EXPERTISE

Ewen Ferguson

By Ewen Ferguson

Verified Expert at Protiviti

EXPERTISE

No noise.
Just insights.

Subscribe now

Related posts

Article

What is it about

What you need to know: Aging systems, data silos, regulatory pressures and talent gaps complicate enterprise transformation for public utilities....

Article

What is it about

The top priority for healthcare internal auditors this year is cybersecurity, according to a survey by Protiviti and the Association...

Article

What is it about

The big picture: C-suite leaders in traditional aerospace and defense (A&D) companies are launching and growing their aftermarket services and...

Search