Not for publication prior to 12:01am AEST 28 January 2019
Australia's First Independent Privacy Certification Framework Launches, As The World Recognises Data Privacy Day.
ADELAIDE, AUSTRALIA – 28 JANUARY 2019 – The Australian Data Privacy Certification Register, Australia's first independent privacy certification framework, launches today – coinciding with the twelfth edition of Data Privacy Day.
The Australian Data Privacy Certification Register (ADPCR) has launched its new privacy framework today, offering independent privacy certification for Australian organisations. The framework centres around six key privacy principles, encompassing how organisations manage their people, process, and policy. Using an automated assessment engine, the ADPCR verifies the information provided by organisations, to ensure they have met the standards required to achieve certification.
An ADPCR spokesperson has confirmed that the new framework, which extends upon existing privacy legislation, but does not certify organisations for compliance with the Australian Privacy Principles (APP's), has already started gaining traction - "We are deep in talks with several key Australian businesses who are excited about undertaking certification, and are keen to demonstrate to their customers that they do take privacy seriously. We'll start to see the size of our certification register build over the next couple of months."
The ADPCR hopes that it can use Data Privacy Day as a tool to encourage Australians to look more closely at their privacy, and the impact that compromised personal information can have on day-to-day life – "There's a bit of a disconnect at the moment, between the want for greater privacy controls, but then not enacting the basic privacy protections that are already in place. Data Privacy Day is, for us, a great opportunity to get people talking about their privacy rights, and what they can do to protect them."
As a part of its vision to improve privacy standards in Australia, the ADPCR has also launched a free data breach alert service, which delivers live alerts to subscribed users when a data breach occurs. Each alert offers actionable advice, and tips that may help in reducing personal harm – "Our alerts service has seen upward of three thousand subscribers join prior to our launch, and we expect that we will see this number rise over the coming weeks. We're hopeful that this service becomes a staple for Australian households, as their source for accurate information in the aftermath of a data breach."
The launch of the ADPCR is timely, with the Australian Competition and Consumer Commission (ACCC) tabling a recommendation last month – following the release of the preliminary report for the digital platforms inquiry – that would allow for an approved third-party certification scheme to certify an organisation's compliance with Australian privacy legislation.
Following the introduction of the notifiable data breaches scheme in February last year, and the heightened privacy concerns surrounding the Federal Government's My Health Record, the ADPCR is confident that Australia is ready for improved privacy protections – "We saw the impact that the General Data Protection Regulation (GDPR) had worldwide, when it came into effect in May last year. We're not proposing anything as drastic as that for Australia at this point, but we do want to see Australian organisations offering greater transparency, and control to their customers as a first step."
About the ADPCR:
The Australian Data Privacy Certification Register (ADPCR) is Australia's first independent third-party certification body, offering privacy certification for Australian Organisations. The ADPCR also operates a certification register, alongside privacy news, fact sheets & a consumer advocacy service. Alerts by ADPCR is a free data breach alert service, designed to provide consumers with actionable advice following a data breach, which includes steps to take that may reduce personal harm. The ADPCR is a 2019 Data Privacy Day Champion.
About Data Privacy Day:
Data Privacy Day is an international holiday that occurs every January 28. The purpose of Data Privacy Day is to raise awareness and promote privacy and data protection best practices. It is currently observed in the United States, Canada, India and 47 European countries. The international recognition offers many opportunities for collaboration among governments, industry, academia, non-profits, privacy professionals and educators.