Skip to Content

Victorian Protective Data Security Standards (VPDSS) Consultation


The purpose of the Victorian Protective Data Security Standards (VPDSS) is to provide a set of criteria for the consistent application of risk-based practices to manage the security of Victorian government information. The Standards are issued under Parts 4 and 5 of the Privacy and Data Protection Act 2014 (PDP Act). Version 1.0 of the standards were issued in 2016.

OVIC has conducted a review following the first reporting period in 2018 and the review recommended the following changes:

  • Simpler language
  • Consolidation of common themes
  • Remove protocols as the continuous improvement principle is covered by the overarching framework (VPDSF)
  • Remove duplicate elements
  • Add new elements where gaps identified

Draft Victorian Protective Data Security Standards (VPDSS) for consultation

Consultation on the Standards is open between 5 July – 9 August 2019. You can view the draft Standards by following the link below.

Download a copy of the draft Standards.

Draft Protective Data Security Plan (PDSP) template

In line with the draft updated Standards, the Information Commissioner is releasing a draft template of the Protective Data Security Plan (PDSP) which addresses the reporting obligations of agencies that are subject to Part 4 or Part 5 of PDP Act for the reporting period ending August 2020.

The PDSP is submitted to OVIC on a biennial basis in compliance with the PDP Act, the Victorian Protective Data Security Framework (Framework) and the Standards.

The draft updated PDSP does not replace the existing reporting obligations of agencies due at the end of August 2019.

More information about what is expected of your agency for the 2019 reporting period can be found here.

Download a copy of the draft Protective Data Security Plan template

How you can be involved

OVIC invites you to provide feedback on the draft Standards. We welcome comments on any aspect, but we ask that you specifically consider important changes in the following areas:

  • Changing the language used throughout to active voice and removing ‘must’
  • Introducing incident notification under Standard 8
  • Including the sources from which the standards have been derived

Please provide us with feedback using the commenting template and emailing

Consultation Roundtables

To provide agencies with the opportunity to ask questions and discuss the draft updated Standards, OVIC will be conducting roundtables in both metropolitan and regional areas. Spaces in these sessions are limited so be sure to reserve your seat.

More information about the consultation roundtables can be found on the VPDSS Consultation Roundtables page.

Back to top

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

I'm interested in

You have Successfully Subscribed!