Salinger Privacy

  • About
    • About Salinger Privacy
    • Videos, Podcasts and Media Mentions
    • Work with us
  • Consulting
    • Our Consulting Services
    • Privacy Impact Assessment
    • Privacy by Design advice
    • Algorithmic Impact Assessment
    • Privacy Compliance Reviews
  • Training
    • Overview
    • Training Calendar
    • Public Courses and Workshops
    • In-house Privacy Training and Workshops
    • Online Training
    • Webinars
    • IAPP Certifications
    • Training Advisory Services
    • Login
  • Privacy Resources
    • Privacy Resources
    • Compliance Kits
    • Resources on key privacy topics
    • Free Handbook
    • Newsletter
    • Login
  • Who We Are
    • Anna Johnston
    • Melanie Casley
    • Andrea Calleia
    • Stephen Wilson
    • Chris Culnane
  • Blog
  • Contact
  • Compliance Kits
    • For Business
    • For NSW Public Sector
    • For Victorian Public Sector
    • For Australian Government
    • Login

The Tribunal is curious: is your privacy program up to scratch?

January 29, 2015, Anna Johnston

Share this post

Share this post on twitter Share this post on Linkedin Share this on Facebook

Does your organisation have a program to train staff about their privacy obligations?  Have you identified technical or procedural ways to minimise the risk of privacy breaches such as unauthorised access to records?

If you can’t point to demonstrable and proactive steps you have taken to prevent privacy breaches, your organisation could be found in breach of the Data Security principle.  That’s the takeaway message from a recent case involving WorkCover NSW.

In a case involving the internal circulation and storage of a complainant’s psychiatric report, the NSW Civil & Administrative Tribunal was unimpressed with the ‘passwords and access cards’ security safeguards as described by WorkCover, and found the government agency in breach of Health Privacy Principle 5, the Data Security principle in the Health Records & Information Privacy Act 2002 (NSW).  The Tribunal instead articulated a number of steps which together it would have considered ‘reasonable safeguards’ to protect health information, including tracking read-only access to electronic files, procedures to restrict access to particularly sensitive types of information, and a program of repeatable staff training about privacy obligations.

One way to quickly implement an enterprise-wide privacy compliance training program is to use e-learning.  E-learning offers your staff flexibility of timing, and you could adopt a requirement for staff to repeat the course every few years, without any incurring additional cost.

We have recently refreshed our Privacy E-learning Program, updating both the style and the content.  We now include more interactions to focus the learner’s attention, and we have streamlined the product development process – which means the cost for you has come down too!

Unique amongst privacy compliance training providers, we customise both the style and content of our Privacy E-learning Program, to meet our clients’ needs.  So if you choose Salinger Privacy for your compliance training needs, you can quickly roll-out privacy awareness training across your organisation, knowing that it reflects your branding and the privacy law that actually applies to you – not some generic version.

Our customisation also includes particular privacy messages and tips, that we design in consultation with you, to ensure that they are relevant for your staff.  Take a look at our Demo module, or see more information here.

 

Photograph © Shutterstock

Filed Under: Uncategorized

If you enjoyed this blog, subscribe to our newsletter to receive more privacy insights and news every month.

Privacy Compliance Kits

Recent Posts

  • OAIC determinations shed light on when data is regulated as ‘personal information’
  • Big Tech, Individuation, and why Privacy must become the Law of Everything
  • Should birds of a feather be FLoC’d together?
  • Why can’t Aunty get the ABCs of privacy right?
  • Privacy law reform in Australia – the good, the bad and the ugly
  • Between 7 and 11 lessons you can learn from the latest OAIC privacy case
  • Privacy and gender: what to ask, when and why
  • What covid apps can teach us about privacy, utility and trust in tech design
  • Cat or carrot? Assessing the privacy risks from algorithmic decisions
  • Not too much identity technology, and not too little

Archive

  • 2022
  • 2021
  • 2020
  • 2019
  • 2018
  • 2017
  • 2016
  • 2015

Search

Salinger Privacy we know privacy inside out

Salinger Privacy can help you navigate the complexity of the regulatory environment, and ensure the trust of your customers.

CONTACT US

T: 02 9043 2632
PO Box 1250, Manly NSW 1655
Email Enquiry

© Salinger Consulting Pty Ltd
ABN 84 110 386 537

Our Privacy Policy

Subscribe to our newsletter.

These details will be added to our mailing list to receive the Salinger Privacy eNews and Product News newsletters. You can unsubscribe or adjust your preferences at any time, from the bottom of any newsletter.