Privacy_Assignmentv2.docx Page 1 of 3 Privacy: Your Responsibilities Welcome to the Module – Privacy: Your Responsibilities. This self-study guide has been developed so that you, as a prospective IT...

Privacy_assignment


Privacy_Assignmentv2.docx Page 1 of 3 Privacy: Your Responsibilities Welcome to the Module – Privacy: Your Responsibilities. This self-study guide has been developed so that you, as a prospective IT Professional, understand your role and responsibilities in regard to protecting your client’s personal and private information. Privacy requirements in Australia: The near mandatory need to be “online” in the increasingly global economy has driven business forward in leaps and bounds in Information and Communication Technology. This technological growth has been an enabling tool for business. Increases in the speed of response of systems and the internet have provided flexibility and accessibility bringing great benefits to business and clients. Client information and requirements are now accessible from all corners of the Globe. This presents a dilemma; that of how we secure information that we, as business IT professionals, are charged with caring for. Australia has a Privacy act that governs what we must do to ensure protection of personal, sensitive data. The act is constantly being updated to cater for these new technological advances. Keeping up to date with these changes is paramount in being successful in securing private data. To complete this Module you will need access to the internet. Try to search for different types of Privacy Legislation in Australia, or you can go to http://www.oaic.gov.au/. Please enjoy learning about the Privacy act and how it relates to you as an IT Professional. Feel free to contact your trainer if you require any assistance. http://www.oaic.gov.au/ Privacy_Assignmentv2.docx Page 2 of 3 In order to understand the impact of breaches of trust in relation to personal information storage please list down the information that organizations hold that you believe are private. _____________________________________________________________________________________ _____________________________________________________________________________________ _____________________________________________________________________________________ _____________________________________________________________________________________ _____________________________________________________________________________________ _____________________________________________________________________________________ _____________________________________________________________________________________ _____________________________________________________________________________________ _____________________________________________________________________________________ Now read the article ‘Privacy Impact Assessment Guide’. You can search the internet for this or retrieve it from the government’s privacy website. Pay particular attention to the section named ‘What is personal information?’ to explore what may be deemed as personal, private information. The article also has some very relevant information on how we can address and plan for change whilst protecting personal information. Note when it was written and decide if it is up to date. Is it still useful? Now go to the Australian Computer Society (ACS) website and read the Code of Professional Conduct. We as IT professionals have a responsibility to maintain a high standard of Professional Conduct or ethical behaviour in the workplace. We are entrusted with a large amount of control over and access to information and data of our clients. Often we are communicating with clients who know little of our industry and we have a responsibility not to take advantage of this situation. Now read the Privacy Act of Australia and become familiar with the content and spirit of the act. This is a very large document with a lot of legal jargon. It may be best to focus on the Privacy Principles and look for some executive summaries of the Act. Privacy_Assignmentv2.docx Page 3 of 3 Assignment Your assignment for this module is to review a company’s privacy policy and compare this to the Privacy Act of Australia (hint:- most websites have one). You must compile a report that addresses any issues that you have noticed. If you cannot locate a suitable one, your trainer will be able to provide one. Internet research is the main vehicle to gather required content for your assignment. Ensure you have researched sufficiently to provide a detailed, relevant report. Ensure correct referencing is used, Harvard type. Report 1250 words maximum. 12pt font single spaced. - Access and become familiar with the current Australian Privacy Act. - List areas of concern addressed by the Act, e.g. Financial, Health, etc. - Read and analyse a business privacy policy based on what you have learned about the Act. - Report your findings listing any short comings or areas in excess of the Act. - Make recommendations for changes to the policy to ensure compliance of the Act. - Demonstrate how you would disseminate the suggested changes to all stakeholders. There are many government reports and findings on the impacts of the privacy act that you may find useful in your analysis process. There is also international governance that may assist you in compiling your report and give you understanding of international context. Some of these are… United States  Sarbanes-Oxley Act of 2002 (SOX)  Gramm-Leach-Bliley Act (Financial Modernization Act)  Health Insurance Portability and Accountability Act of 1996 (HIPAA)  Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (USA Patriot Act) Canada  The Personal Information Protection and Electronic Documents Act Europe  European Union Data Protection Directive (EUDPD) Japan  Japan’s Personal Information Protection Act.