How I can help
If you need privacy-related advice, I can help. I offer wide-ranging experience in this area, having been involved with PIAs for technology solutions, assessment of privacy impacts of proposed policies and activities, authorised information sharing agreements, information sharing across the social sector, wide-ranging inputs into a privacy, human rights and ethics framework, the GDPR, and the drafting of privacy statements for government agencies and private sector companies.
Some examples
My experience in this area includes the following:
- reviewing organisational privacy policies and agency compliance with the Privacy Act’s information privacy principles
- surveying agency staff and assessing agency maturity under the Privacy Maturity Assessment Framework and making recommendations to improve IPP compliance and the level of privacy-related maturity
- reviewing, contributing to and drafting privacy impact assessments
- advising on approved information sharing agreements under Part 9A of the Privacy Act and their associated processes and privacy impact assessments
- developing open data principles that recognise the importance of personal privacy and the potential risks of aggregating seemingly anonymised datasets
- advising on relevant aspects of the Statistics Act 1975
- preparing guidance for staff on the use and disclosure of student-related personal information
- advising on the privacy implications of machine-to-machine processing of personal information that is encrypted at both ends prior to processing
- advice on and drafting of privacy-centric contractual provisions
- detailed advice on policy initiatives that would entail the collection and sharing of personal information for beneficial outcomes
- drafting and amending of privacy policies for multiple government and corporate websites
- negotiation of contracts for an online consultation service to ensure Privacy Act compliance
- collection, collation and summarising into human-readable form of specific statutory provisions enabling the collection and sharing of personal information across the social sector
- wide-ranging advice and other inputs into a framework that assesses the privacy and other implications of proposed services and processes
- reviewing and redrafting agreements and privacy policies for GDPR compliance.