Need Help Meeting Privacy Obligations? Get Transparent!


TRANSPARENT is a quarterly newsletter providing information to help meet privacy obligations under the Student Identifiers Act 2014 (SI Act) and the Privacy Act 1988 (Privacy Act).

Published by the Unique Student Identifier (USI) Office and written in collaboration with the Office of the Australian Information Commissioner (OAIC), the regulator of the Privacy Act, TRANSPARENT focuses on why it is important for organisations to have a plan for responding to data breaches and to notify the OAIC when required.

The education sector was one of the top five sectors to notify data breaches to the OAIC during the October to December 2018 quarter.

The three most common causes of the data breaches were:

  • human error (such as sending personal information to the wrong recipient, loss of paperwork or a data storage device, or insecure disposal of personal information)
  • malicious or criminal attack (such as cyber incidents or deliberate actions by rogue employees)
  • system fault (such as IT system errors)

Each data breach response needs to be tailored to the circumstances of the incident. In general, a data breach response should follow four key steps: contain, assess, notify and review.

If your organisation is an Australian Privacy Principles (APP) entity and a data breach (or suspected data breach) occurs, you may be required to notify affected individuals and the OAIC under the Notifiable Data Breaches (NDB) scheme.

The NDB scheme only applies to data breaches that are likely to result in serious harm to one or more individuals, and in circumstances where your organisation has been unable to prevent the likely risk of serious harm with remedial action.

‘Serious harm’ is not defined in the Privacy Act. In the context of a data breach, serious harm to an individual may include serious physical, psychological, emotional, financial, or reputational harm.

To learn more about what to do in the event of a data breach, and to read the full version of TRANSPARENT, please see the USI website.

Date posted Jun 27, 2019
