Skip to Content
From Monday 12 September 2020, OVIC's website will no longer be supported in Internet Explorer (IE).
We recommend installing Microsoft Edge, Google Chrome, Safari, Firefox, or Opera to visit the site.

Guidelines for outsourcing in the Victorian public sector: Checklist

This checklist and the accompanying guide aim to assist Victorian public sector bodies and their contracted service providers to effectively manage the privacy and security of official information (public sector data and personal information) in outsourcing arrangements.

This checklist provides a high level overview of the matters that ought to be considered at each stage of an outsourcing arrangement, by walking through a series of questions to help public sector bodies determine whether they are meeting their privacy and data security obligations under the Privacy and Data Protection Act 2014 (PDP Act).

The accompanying guide explores each question in more detail and explains the relevant requirements under the PDP Act. If you select a response that is shaded orange in the checklist, you are encouraged to refer to the accompanying guide for further guidance. The question numbers in this checklist correspond with the headings in the guide for ease of reference.

Back to top