Protective Data Security Plan submission

The Privacy and Data Protection Act 2014 (Vic) requires Victorian public sector (VPS) organisations to:

adhere to the Victorian Protective Data Security Standards (VPDSS);
undertake a security risk profile assessment (SRPA);
and develop, implement and maintain a Protective Data Security Plan (PDSP).

VPS organisations must submit a PDSP to OVIC every two years, or sooner in the event of significant change. This page outlines more information about PDSP submission.

PDSP form

Single organisation PDSP Reporting

If you require a PDSP template, please contact security@ovic.vic.gov.au.

Multiple organisation PDSP Reporting

Organisations intending to submit a multi-organisation PDSP on behalf of one or more entities must contact OVIC at security@ovic.vic.gov.au and confirm the list of subsidiary entities they will be reporting with.

PDSP submission options

Submission options vary, depending on the protective marking assigned to the PDSP.

PDSPs with a Protective Marking of OFFICIAL or OFFICIAL: Sensitive

Submission Protocol Option 1:

Email your PDSP to:
security@ovic.vic.gov.au

Submission Protocol Option 2:

Post your PDSP in a single opaque envelope with no protective marking labelled on the outside to:
PO Box 24274
Melbourne VIC 3001

Submission Protocol Option 3:

Hand deliver your PDSP to:
121 Exhibition Street
Melbourne VIC 3001

Please note: A prior appointment must be made with a member of the Information Security Unit.

PDSPs with a Protective Marking of PROTECTED

Submission Protocol Option 1:

Deliver your PDSP by safe-hand (i.e. delivered in person by an authorised messenger) to:
121 Exhibition Street
Melbourne

Please note:

A prior appointment must be made with a member of the Information Security Unit
Ensure the PDSP is secured using a ‘double barrier’ method. For further information, please seek advice from the Information Security Unit.

Submission Protocol Option 2:

Deliver your PDSP by SCEC-endorsed courier to:
121 Exhibition Street
Melbourne

Please note:

A prior appointment must be made with a member of the Information Security Unit
Ensure the PDSP is secured using a ‘double barrier’ method. For further information, please seek advice from the Information Security Unit.

PDSPs with a Protective Marking of SECRET

If your PDSP is assessed as containing security classified information as SECRET, please contact us and speak to a member of the Information Security Unit.

__PRESENT

__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT