Privacy Awareness Week is about the simple foundations we can put in place to protect our and the community’s confidential information. The ACSC Annual Cyber Threat report 2020-21 recorded that self-reported losses from cybercrime total more than $33 billion, with an increase in the reported average severity and impact.
The Privacy Awareness Week campaign theme for 2022 is ‘Privacy – The Foundation of Trust’, which couldn’t be more applicable to Aurion. Protecting data is essential to our operations; our customer community trusts us with their personal information, and we handle it with integrity and care. Aurion is a registered supporter of Privacy Awareness Week, along with our parent company RGF Staffing APEJ.
It’s easy to build good habits
The Office of the Australian Information Commissioner (OAIC) outlines effective building blocks for a solid foundation of online privacy, with tips for individuals, businesses and government agencies.
It’s important to talk about privacy with your friends and family, and especially children. We may take the online world for granted, but you can’t do the same for the privacy of your personal information, and good habits in life start early.
What’s personal information?
Personal information is defined in the Privacy Act as “information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether recorded in a material form or not”.
Information doesn’t need to have a name attached to it to be ‘personal information’. A person can also be identified if information can be linked with other information to work out personal details about who they are by deduction.
Your responsibility for privacy
The Australian Privacy Principles (or APPs) are the cornerstone of the privacy protection framework in the Privacy Act. There are 13 Australian Privacy Principles, and they govern standards, rights and obligations around:
- the collection, use and disclosure of personal information
- an organisation’s governance and accountability
- integrity and correction of personal information
- the rights of individuals to access their personal information.
Australian Government agencies and organisations with an annual turnover more than $3 million (subject to some exceptions) are obliged under the Privacy Act to give individuals who’s private information is in their possession a level of control over the way their information is handled, and report any unauthorised interference, such as a data breach.
What’s a data breach?
A data breach occurs when personal information held by an entity is subject to unauthorised access or disclosure, or is lost. Examples of data breaches include the:
- loss or theft of physical devices (such as laptops and storage devices) or paper records that contain personal information
- unauthorised access to personal information by an employee
- inadvertent disclosure of personal information due to ‘human error’, for example an email sent to the wrong person
- disclosure of an individual’s personal information to a scammer, due to inadequate identity verification.
The Office of the Australian Information Commissioner (OAIC)’s Notifiable Data Breaches Report for July to December 2021 found the leading sources and causes of data breaches in the period:
Privacy has become more important to us in recent years, yet we’re losing trust in organisations protecting our data. For the Australian Community Attitudes to Privacy Survey 2020, 70 percent of respondents saw the protection of personal information as a major concern.
Launching Privacy Awareness Week, Australian Information Commissioner and Privacy Commissioner Angelene Falk commented that, “As the digital economy continues to grow, organisations consider new ways of handling personal information and the community engages further in the online world, trust based on an organisation’s solid privacy foundations will play a fundamental role in supporting successful innovation.”