Are you kicking off a new project or initiative? Identifying potential negative privacy risks and relevant control measures from the outset of your project will now be easier with the following new resources (which include detailed drafting notes and links to related Practical Law resources):

• Standard document, Privacy impact assessment (PIA).  A template PIA to enable teams working on new projects involving the collection, use or other handling of personal information to identify and document information flows, privacy risks and possible control measures to mitigate or eliminate privacy risks from the outset of a new project, based on the principles of privacy by design. A PIA can help organisations comply with their obligations under the Privacy Act 1988 (Cth) and the Australian Privacy Principles, and other relevant legislation for the handling of personal information.
• Standard document, Privacy impact assessment report (PIA Report). A template PIA Report for use by an organisation when reporting on information following the performance of a PIA as a means of reporting to management on the findings of a PIA and facilitate decision-making to address privacy risks that have been identified by the PIA process.
• Standard document, Privacy risk and mitigation strategy table. A template privacy risk management tool for the identification of negative privacy risks in relation to a new project and the recording of proposed strategies for the management of those risks within an organisation. The privacy risk and mitigation strategy table may be used to provide a detailed privacy risk analysis when performing a PIA.