Skip to Content

- For guidance and resources on how to interpret and administer the Freedom of Information Act 1982 (Vic) including how to process FOI requests, calculate access charges and more visit FOI resources for agencies.
  
  Popular FOI links
  
  Practice notes
  
  Templates
  
  Professional Standards
  
  Decisions and case notes
  
  Due date calculator
- For guidance and resources on privacy obligations including the Information Privacy Principles, how to undertake privacy impact assessments and more visit Privacy resources for organisations.
  
  Popular privacy links
  
  Privacy Officer Toolkit
  
  Information privacy principles
  
  Information sharing and privacy
  
  Managing the privacy impacts of a data breach
  
  Report a privacy breach
- For guidance and resources on how to protect public sector information including how to implement the Victorian Protective Data Security Framework and Standards and more visit Information security resources.
  
  Popular information security links
  
  Victorian Protective Data Security Framework
  
  Victorian Protective Data Security Standards
  
  Reporting obligations hub
  
  Notify OVIC of an information security incident
  
  Victorian Information Security Network
- Privacy Awareness Week
  
  Regulatory actions and investigations
  
  Learn about what we do
  
  News and media
  
  Annual reports
- In Victoria you have the right to access documents held by government, to ask for your personal information to be amended, to make a complaint about the handling of your FOI request and to request an independent review of an FOI decision. Visit FOI resources for individuals for more guidance on your FOI rights.
  
  FOI resources for individuals
  
  How to make an FOI request
  
  Find the contact details of an agency
  
  Make an FOI request online
  
  Learn how to make an FOI complaint
- In Victoria you have privacy rights when interacting with government organisations which limit what personal information can be collected, how it is used and disclosed. If you suspect your privacy rights have been breached by a Victorian government organisation you can make a complaint to OVIC. For more guidance on privacy rights visit privacy resources for individuals.
  
  Privacy resources for individuals
  
  Your privacy rights
  
  Make a privacy complaint
  
  Guidance on data breaches
- Learn more about OVIC including our functions, Commissioners and structure.
  
  News and media
  
  Annual reports
  
  Our strategic plan
  
  Gender equality action plan
Events and education

From Monday 12 September 2020, OVIC's website will no longer be supported in Internet Explorer (IE).
We recommend installing Microsoft Edge, Google Chrome, Safari, Firefox, or Opera to visit the site.

Victorian
Protective Data
Security Framework

VPDSF 2.0

Document details

This work is licensed under a Creative Commons Attribution 4.0 International License

Attribution

Material obtained from this website is to be attributed as:
© Office of the Victorian Information Commissioner

For more details about copyright in relation to publications provided on this website go here

ISBN 978-0-6486723-6-4

VPDSF Document Details

wdt_ID	&nbsp	&nbsp
1	Protective Marking	N/A
2	Approved for unlimited public release	Yes – Authorised for release
3	Release Date	February 2020
4	Review Date	February 2021
5	Document Version	2.0
6	Authority	Office of the Victorian Information Commissioner (OVIC)
7	Author	Information Security Unit – OVIC

VPDSF Changelog

wdt_ID	Version	Publish Date	Amendments in this section
1	1.0	June 2016	N/A
2	1.1	March 2018	• Change references of ‘Commissioner for Privacy and Data Protection’ to ‘Office of the Victorian Information Commissioner’ • Change references of ‘CPDP’ to ‘OVIC’ • Change references of ‘PDPA’ to ‘PDP Act’ • Replace ‘Foreword’ with new Deputy Commissioner’s foreword • Insert new section on Victoria Police and the Crime Statistics Agency • Removed reference to annual security attestation in section 12 • Change ‘protocol’ descriptor • Insert reference to ‘elements’ • Insert reference to Part 5 – Assurance Model in section 17 for more information • Insert reference to Enterprise Solutions Branch in Section 19 • Remove ‘sensitive and significant (valuable)’ in section 20 • Updates to some control references • Change Part 5 – Assurance Model – various including revised reporting obligations • Insert new section on single/multiple organisation reporting • Insert new section on the 5-step action plan
3	2.0	February 2020	Content amended to reflect the monitoring and assurance activities of VPS organisations and OVIC.Relevant content from V1.0 of the Framework is available under the VPDSF Resources section of the OVIC website.