Skip to Content
From Monday 12 September 2020, OVIC's website will no longer be supported in Internet Explorer (IE).
We recommend installing Microsoft Edge, Google Chrome, Safari, Firefox, or Opera to visit the site.

News

OVIC and PROV issue joint statement on minimising the privacy impacts of an incident

  • Data breaches
  • Guidance
  • Joint statement
  • Resource

The Office of the Victorian Information Commissioner (OVIC) and Public Record Office Victoria (PROV) have issued a joint statement regarding how Victorian public sector organisations (organisations) can minimise the privacy impacts of an incident.

This joint statement has been produced in response to an increasing number of organisations failing to take the necessary measures to protect the personal information they hold.

Incidents are inevitable, but organisations can minimise the privacy impacts of a data breach by being prepared.

Although organisations can experience incidents involving any type of public sector information, this statement focuses on incidents involving personal information.

An incident can be caused by many factors, including malicious acts by an external or internal party, human error, or by a failure of an organisation to implement effective information management or security practices.

This statement sets out minimum expectations and basic steps organisations should take to minimise the privacy impacts of an incident.

A number of additional resources and links can be found within the statement for further information on protecting personal information, implementing proper record keeping practices, and responding to incidents.

The statement is available to read and download here.

OVIC and PROV can assist organisations in understanding their obligations to protect the personal information they hold and manage their records appropriately. Contact OVIC at enquiries@ovic.vic.gov.au and contact PROV at agency.queries@prov.vic.gov.au.

Back to top
Back to Top