Celebrating Privacy Awareness Week 2024 with free resources and guidance
It’s our favourite (work-related) week of the year, so for every day of #PAW2024 we have free resources and guidance to help you out.
The theme for Privacy Awareness Week 2024 is ‘Power up your privacy’.
Use our resources to power up privacy in your organisation: spread privacy awareness, improve data literacy, and build privacy risk management capability.
Monday: Where should I start?
Perhaps you have just been handed privacy compliance on top of your other responsibilities, and you want to know what your job is supposed to entail. Or maybe you are advising a start-up with no privacy management program in place, and want to figure out where to begin.
Or you might be an experienced Privacy Officer, in an established organisation, and just want to check if there are any gaps in your privacy management program that need filling.
Where do you start?
Download a copy of the 2024 edition of our free guide, The Privacy Management Handbook. It will help you get started, and link you to other resources you might find useful along the way. The Handbook covers everything from first steps and establishing processes to managing risk and what to do when things go wrong. Plus how to spread the privacy message internally, and look after your own professional development.
Not-so-free stuff: Our next “Privacy Officer Essentials” small group workshop is on 12 + 14 August – register now so you don’t miss out.
Tuesday: What is ‘personal information’?
It’s the threshold definition on which all the privacy rules depend. Yet there is plenty of confusion about what is personal information, when someone is reasonably identifiable, and what ‘de-identified’ means.
Start by reading this explainer on the definition of ‘personal information’.
Then download our free handout De-identification: the identifiability continuum and privacy law.
Not-so-free stuff: Our De-identification Bundle includes an eLearning module to help you gain an overview of what de-identification means (in law, and in practice), how de-identification works (and when it doesn’t), and how to speak the language of data scientists, researchers and statisticians. Plus an eBook for more detailed illustrations of how each different technique works and their relative strengths and weaknesses, as well as a checklist of risk assessment factors to consider.
Wednesday: What does the Privacy Act require?
Check out our blog on Privacy 101. Plus we have this explainer about notice and consent. Start there, then read the privacy principles for your jurisdiction.
For those of you regulated by the Australian Privacy Act, we also have a free handout on the Seven steps to prepare for law reforms.
Not-so-free stuff: We have a more detailed (but still awesome and plain language) guide to The Privacy Act in a Nutshell. You can grab the guide on its own, or with our recorded webinar explaining the proposed reforms, in our Privacy Act Reforms Bundle.
Plus of course our flagship privacy compliance online training module. Choose your jurisdiction: the Australian Privacy Act; NSW privacy laws; or NEW: Victorian privacy laws.
You can see examples in this 90 second video, showcasing how our online privacy compliance training has been customised for different organisations, and your options for hosting, monitoring and reporting on staff progress.
Thursday: Arghhhh – data breaches!
Like death and taxes, data breaches can feel inevitable. But there are steps you can take to help prevent them – and manage them well.
First, prevention. Good privacy practices like data minimisation will help to reduce your exposure in the first place. See our blog on cyber risk for more tips, as well as the free Privacy Management Handbook.
Second, remember that data breaches can be caused not only by malicious outsiders, but also by human error and occasionally deliberate misuse. See this blog for examples of ‘trusted insider’ risk, and how to minimise it.
Third, how you respond after a data breach makes a huge difference to whether you regain your customers’ trust, or make things worse. See this analysis of lessons learned from a data breach handled badly.
And finally, failure to plan is a plan to fail. So make sure you have a robust data breach response plan or procedure in place!
Not-so-free stuff: We have a template Data Breach Response Procedure to reflect the requirements for each of the following sectors:
- Businesses and Non-profits
- Australian Government agencies
- NSW public sector
- Victorian public sector
- NEW: Queensland public sector (to reflect the in-coming scheme, ready for 2025)
For the template procedure to suit your organisation, check out the ‘Essentials’ or ‘Everything’ package of resources in the Compliance Kits for your sector.
Friday: How can we manage privacy risks?
Check out our free video: Getting a clear view: take-aways from recent OAIC determinations. We ran this webinar with the OAIC on what privacy regulator is looking for in your privacy management program, and the lessons we can learn from key regulatory actions.
Want to know more about how to conduct a Privacy Impact Assessment (PIA), or how to embed PIAs in your organisation? Start by reading about the Seven habits of effective PIAs, and then move on to this explainer about How to build a PIA Framework.
For managing privacy risks in AI and algorithmic systems, download our free handout on the 16 questions to ask of your algorithmic system.
Not-so-free stuff: Our PIA Pack is jam-packed with resources like templates, checklists and training modules to help you build a PIA Framework, and conduct effective PIAs. It also includes a copy of our guide Algorithms, AI, and Automated Decisions – A guide for privacy professionals.
Plus in September we have our next small group workshop on PIAs and Privacy Design.
Still want more free stuff?
If you are wrestling with how your organisation can best make decisions about secondary data use, which are legal, ethical, and respectful of your customers, watch the video of our free Masterclass in Data, Privacy and Ethics. You will hear about research into community attitudes and customer trust; and we offer a pragmatic way to navigate legal and ethical obligations, and gain the social licence needed to use data effectively.
HAPPY #PAW2024!
Whether you need the basics for a start-up, advice about a particular risk area, plain language walk-through guides to the law, or resources to help you stand up a comprehensive privacy management program, we have guidance and tools to suit. With easy-to-use templates + Salinger Privacy know-how via checklists, briefing papers, decision trees and more, we can help you navigate privacy law and practice.
Check out the range of Compliance Kits for your sector – for organisations regulated by the Australian, NSW, Victorian or (NEW!) Queensland privacy laws.