Skip to Content

What is data protection?

Part 4 of the Privacy and Data Protection Act 2014 (Vic) outlines protective data security and focuses on public sector information maintaining its:

  • confidentiality – information is accessed by the right people;
  • integrity – information is accurate, complete and up to date; and
  • availability – people have timely and reliable access to information.

This is achieved through the implementation of protective measures across:

  • governance including executive sponsorship of and investment in security management, utilising a risk based approach, security policies and procedures, training, business continuity, security incident management, external party engagement and oversight;
  • information security including protection of information across the information life cycle from when it is created to when it is disposed or destroyed;
  • personnel security including. engagement and ongoing management to ensure the continued eligibility and suitability of people accessing official information;
  • information and communication technology (ICT) security including secure communications and technology systems processing or storing information; and
  • physical security including facilities, equipment and services and the application of physical security measures to protect information.

This means that any public sector information a Victorian public sector organisation holds is protected from unauthorised access, disclosure and use.

Back to top