The sessions are as follows:
- 18 June: Privacy Awareness Week panel discussion: Privacy – it’s everyone’s business – from 11am to 2pm.
- 19 June: Privacy Awareness Week lightning talk – Privacy is everyone’s business, but only access what you need – from 2 to 2,30pm
This is a great opportunity for organisations to strengthen their knowledge and approach to Privacy.
Organisations funded via the Service Agreement have contractual and legislative obligations under the Privacy and Data Protection Act 2014 (Vic) (PDP Act), the Health Records Act 2001 (Vic) (HR Act) and in some circumstances, the Privacy Act 1988 (Cth) (Privacy Act).
Organisations are also bound by: Information Privacy Principles contained in the PDP Act; the Health Privacy Principles contained in the HR Act; and any applicable code of practice made under the PDP Act or the HR Act.
Clause 17 of the Service Agreement outlines the Privacy, Data Protection and Protected Disclosure obligations of funded organisations. Organisations are required to comply with the department’s policies to report, investigate and respond to privacy incidents and data breaches and to follow directions provided by the department in response to an incident. Failure to comply with these obligations is a breach of an organisation’s Service Agreement with the department. The information regulator, Office of the Victorian Information Commissioner (OVIC) may also investigate and undertake public reporting of an incident if appropriate.