Skip to Content

OVIC has activated its business continuity plan due to coronavirus (COVID-19) and staff are working remotely. We have published new guidance on coronavirus (COVID-19) and freedom of information, privacy and information security. Please contact us by email where possible, we ask for your patience during this time.

From Monday 12 September 2020, OVIC's website will no longer be supported in Internet Explorer (IE).
We recommend installing Microsoft Edge, Google Chrome, Safari, Firefox, or Opera to visit the site.

Guidance and resources

Guidance

Privacy Management Framework

Guidelines to the Information Privacy Principles

Short Guide to the Information Privacy Principles

Information Sharing and Privacy

Family Violence Information Sharing Scheme and Privacy Law FAQs

Child Information Sharing Scheme and Privacy Law FAQs

Privacy Impact Assessment Template

Privacy Impact Assessment Guide

Getting Executive buy-in for Privacy Impact Assessments

Notifiable Data Breaches Scheme

Managing the Privacy Impacts of a Data Breach

Template for Reporting a Breach to OVIC

Tips to Reduce Data Breaches when Sending Emails

What are phishing attacks and how to protect against them?

Privacy Complaints at OVIC: Guide for Respondents

Guidelines for Outsourcing: Checklist

Guidelines for Outsourcing: Accompanying Guide

Guidelines to Surveillance and Privacy

Guidelines to public interest determinations, temporary public interest determinations, information usage arrangements and certification

Closer to the Machine: Artificial Intelligence e-book

IPP 2 Pocket guide

Protecting privacy while sharing information under the new Part 6B of the Health Services Act 1988: Guidance for practitioners

Collaboration tools and privacy

Workplace Privacy

Privacy and coronavirus (COVID-19)

How to respect privacy and protect public sector information when working remotely – tips for VPS employees

Social Media and privacy FAQs

Drafting a privacy policy

Drafting a collection notice

Model Terms for Transborder Data Flows

De-identification and privacy – Considerations for the Victorian public sector

Guidance for the VPS on the GDPR

Removal of ‘imminent’ from the IPPs and HPPs

Local councils and privacy FAQs

‘Unique identifier’ under the Privacy and Data Protection Act 2014

Privacy by Design

Biometrics and privacy

Research Papers

Understanding culturally diverse privacy – Aboriginal and Torres Strait Islander Peoples’ Perspectives

Internet of Things and privacy

Protecting unit-record level personal information

Artificial intelligence and privacy issues paper