Implementation of Privacy in Government

About This Presentation

Title:

Implementation of Privacy in Government

Description:

ID theft rampant; options limited By Bob Sullivan MSNBC. May 29 The State of California leaks the direct deposit records of 260,000 employees. ... – PowerPoint PPT presentation

Number of Views:41

Avg rating:3.0/5.0

Slides: 14

Provided by: MF83

Category:

more less

Transcript and Presenter's Notes

Title: Implementation of Privacy in Government

1

Implementation of Privacy in Government NRE
Privacy Implementation Strategy Jennifer
Berensen, Manager Privacy, NRE
2
Why Privacy?

ID theft rampant options limited
By
Bob Sullivan
MSNBC
May 29 The State of California leaks the direct
deposit records of 260,000 employees. A BankOne
employee sells hundreds of customer records to a
ring of identity thieves. Criminals gain access
to Ford Motor companys credit
reference firm and order 13,000 credit reports.
An insurance company whose name still has not
been disclosed gives information on patient
illnesses to a marketing firm. Its been a bad
month for personal privacy, a good one for
identity thieves. And it has experts asking Will
all of us eventually be victims?

3
Privacy Legislation

3 new privacy statutes come into force within 10
months
Privacy Amendment (Private Sector) Act
2000(21/12/2001)
Information Privacy Act (Vic) 2000(1/9/2002)
The Health Records Act (Vic) 2000(1/7/2002)

4
New Style of Legislation

Light touch, principle based, technology neutral,
self regulatory ie require application of
professional judgement, tests of reasonableness
person in the street expectations
More control in the hands of the data subject
Require openness, transparency and respect from
organisations

5
Resistance to Change

Privacy requirements are not necessarily a
restriction - they can be an opportunity
Increased accountability
Understanding and optimising data management and
information flow
Intellectual rigor Funding

6
4 Key Change Management Themes

Environment the enabling of change through the
development of a privacy aware culture and
communication strategies
Education the provision of sufficient knowledge
and understanding for staff to successfully
interpret the legislation and implement it in
their workplace
Engineering the provision of tools to undertake
analysis of current information handling
activities, analyse privacy risks and develop
privacy compliant work practices
Enforcement the monitoring and auditing of
compliance

7
Privacy and NRE

NRE collects a range of Personal Information
Over 200 services
Customer Service Centre
Ecommerce/ebusiness initiatives
Personnel Records
Business Partners also collect personal
information

8
NRE Privacy Strategy

Privacy Communication Strategy Branding, news
articles, awareness presentations, publications,
website launch, flyers, stickers, posters,
telephone hotline and email enquiry function as
well as Ministerial and Executive briefings
Privacy Training Cross departmental training for
functional groups,staff development training
calendar (Privacy Training for managers and
staff), web based privacy orientation training
Privacy Tools (web and paper) Privacy Policy,
NRE specific guidelines, privacy checklists,
privacy audit questionnaire and implementation
framework etc.
Privacy Consultancies (Personal Information
Audit, Privacy Risk analysis, Privacy Improvement
Plans)
Privacy Audit (inclusion in organisational
reporting)

9
Key Success Factors

Identification and engagement of key stakeholders
Integration with existing communication channels,
management forums, risk management/audit
frameworks, and procedures
Leverage, Leverage, Leverage with the use of
technology
Build on existing good practice to meet
compliance requirements
Translation of the privacy principles into plain
English for day to day workplace activities- use
anecdotes

10
(No Transcript)
11
Implementation Check List