Privacy_Assignmentv2.docx Page 1 of 3
Privacy: Your Responsibilities
Welcome to the Module – Privacy: Your Responsibilities.
This self-study guide has been developed so that you, as a prospective IT Professional, understand your
ole and responsibilities in regard to protecting your client’s personal and private information.
Privacy requirements in Australia: The near mandatory need to be “online” in the increasingly global
economy has driven business forward in leaps and bounds in Information and Communication
Technology. This technological growth has been an enabling tool for business. Increases in the speed of
esponse of systems and the internet have provided flexibility and accessibility
inging great benefits to
usiness and clients. Client information and requirements are now accessible from all corners of the
Globe.
This presents a dilemma; that of how we secure information that we, as business IT professionals, are
charged with caring for. Australia has a Privacy act that governs what we must do to ensure protection
of personal, sensitive data. The act is constantly being updated to cater for these new technological
advances. Keeping up to date with these changes is paramount in being successful in securing private
data.
To complete this Module you will need access to the internet.
Try to search for different types of Privacy Legislation in Australia, or you can go to
http:
www.oaic.gov.au/.
Please enjoy learning about the Privacy act and how it relates to you as an IT Professional.
Feel free to contact your trainer if you require any assistance.
http:
www.oaic.gov.au
Privacy_Assignmentv2.docx Page 2 of 3
In order to understand the impact of
eaches of trust in relation to personal information storage please
list down the information that organizations hold that you believe are private.
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Now read the article ‘Privacy Impact Assessment Guide’. You can search the internet for this or retrieve
it from the government’s privacy website. Pay particular attention to the section named ‘What is
personal information?’ to explore what may be deemed as personal, private information.
The article also has some very relevant information on how we can address and plan for change whilst
protecting personal information. Note when it was written and decide if it is up to date. Is it still useful?
Now go to the Australian Computer Society (ACS) website and read the Code of Professional Conduct.
We as IT professionals have a responsibility to maintain a high standard of Professional Conduct or
ethical behaviour in the workplace. We are entrusted with a large amount of control over and access to
information and data of our clients. Often we are communicating with clients who know little of our
industry and we have a responsibility not to take advantage of this situation.
Now read the Privacy Act of Australia and become familiar with the content and spirit of the act. This is
a very large document with a lot of legal jargon. It may be best to focus on the Privacy Principles and
look for some executive summaries of the Act.
Privacy_Assignmentv2.docx Page 3 of 3
Assignment
Your assignment for this module is to review a company’s privacy policy and compare this to the Privacy
Act of Australia (hint:- most websites have one). You must compile a report that addresses any issues
that you have noticed. If you cannot locate a suitable one, your trainer will be able to provide one.
Internet research is the main vehicle to gather required content for your assignment. Ensure you have
esearched sufficiently to provide a detailed, relevant report. Ensure co
ect referencing is used,
Harvard type.
Report 1250 words maximum.
12pt font single spaced.
- Access and become familiar with the cu
ent Australian Privacy Act.
- List areas of concern addressed by the Act, e.g. Financial, Health, etc.
- Read and analyse a business privacy policy based on what you have learned about the Act.
- Report your findings listing any short comings or areas in excess of the Act.
- Make recommendations for changes to the policy to ensure compliance of the Act.
- Demonstrate how you would disseminate the suggested changes to all stakeholders.
There are many government reports and findings on the impacts of the privacy act that you may find
useful in your analysis process. There is also international governance that may assist you in compiling
your report and give you understanding of international context.
Some of these are…
United States
Sa
anes-Oxley Act of 2002 (SOX)
Gramm-Leach-Bliley Act (Financial Modernization Act)
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and
Obstruct Te
orism Act of 2001 (USA Patriot Act)
Canada
The Personal Information Protection and Electronic Documents Act
Europe
European Union Data Protection Directive (EUDPD)
Japan
Japan’s Personal Information Protection Act.