Privacy and Data Protection Deputy Commissioner commences examination of privacy and security in Victorian higher education
Victoria’s Privacy and Data Protection Deputy Commissioner has commenced an examination into the protection of personal information in Victorian universities.
The governance practices and policies of eight Victorian universities that have privacy obligations under the Privacy and Data Protection Act 2014 (Vic) (PDP Act) will be examined.
The examination will consider each university’s approach to identifying and managing security risks to personal information and supporting policy documentation.
The purpose of the examination is to ensure that Victorian universities protect personal information as required by the Information Privacy Principles (IPPs). The IPPs are the foundation of privacy law in Victoria and set out the minimum standard for how Victorian public sector organisations should manage personal information.
IPP 4.1 requires Victorian public sector organisations to take reasonable steps to protect the personal information they hold from misuse, loss, unauthorised access, modification, and disclosure. To comply with IPP 4.1, organisations should identify security risks to the personal information they hold and take reasonable precautions to manage those risks.
At the conclusion of the examination the Privacy and Data Protection Deputy Commissioner will prepare a report outlining the results of the examination.
For media enquiries contact:
t: (03) 8684 7585
For enquiries about privacy in Victoria contact:
Office of the Victorian Information Commissioner (OVIC)
t: 1300 006 842