This week is Privacy Awareness week across NSW and Australia with the theme Prevent. Detect. Protect.
It’s a great reminder that we all have Privacy obligations whenever we collect, manage, or use, the personal information of our students, colleagues, or members of the community. For many of us, this is every day.
Here are some things you might like to do for Privacy Awareness Week:
- View tips and resources from the NSW Information and Privacy Commission and the Office of the Australian Information Commissioner.
- Check out the information about Privacy on the Privacy Moodle page.
- Submit to us a single word that describes your thoughts on Privacy. We will use that word to generate a word map as part of Privacy Awareness week. You can email us the word (privacy@une.edu.au) or you could leave a comment on the Privacy Moodle page.
- Consider these thoughts aligned to the Privacy Awareness theme:
- Prevent – all staff at UNE are responsible for ensuring the correct policies and processes are followed for managing personal information. Take the time to familiarise yourself with the Privacy Management Rule and look out for the new Privacy Management Plan which will be out for consultation soon.
- Detect – ensure that all relevant security protections, such as those relating to password construction are followed. Don’t discuss or disclose personal information with others. Be aware of what constitutes a ‘data breach’ (see more information below) and know who to notify.
- Protect – Privacy breaches often occur because individuals were unaware of their responsibilities. UNE is entrusted with information and we have a responsibility to treat it with care. If you are ever unsure about a matter relating to personal information or receive a question you cannot answer, contact the UNE Privacy Officer, Caitlin Rowe via privacy@une.edu.au.
Check your Privacy ‘Awareness’ with these frequently asked questions about ‘Data Breaches’!
Q1: “What is a Data Breach?”
A1: A data breach is an unauthorised access, use, or disclosure of UNE’s data. When this includes personal information (any identifying information or an opinion about an individual e.g. name, contact details, images, video or audio, genetic materials or sensitive and health information) it is also a privacy breach. Please remember this can include:
- the loss of information from a device or in hard copy,
- unauthorised staff members gaining access to information,
- individuals outside UNE gaining unauthorised access to information, systems or databases, or
- A student/staff member or individual concerned their details have appeared where they shouldn’t or been used in ways they didn’t expect.
Importantly a ‘breach’ only needs to involve the details of one person!
Q2: What do you need to do if you become aware of a data breach?
A2: Please notify privacy@une.edu.au immediately! The Privacy Officer will pass on details to IT Security and other key staff members to contain and investigate the situation.
Please note:
- We are more than happy to investigate a potential issue, even if we discover there is no breach after all.
- Under privacy law UNE has responsibilities to investigate and report data breaches, sometimes in just 30 days. As you may be the first to discover or detect a breach please take a few minutes to let us know – as time for the University to respond starts as soon as you are aware of a potential issue.