In January 2015 the Office of the Australian Information Commissioner published a guide to "securing personal information" by recommending reasonable steps to protect personal information.
This includes a discussion on what amounts to personal information security, the information life-cycle and what amounts to taking reasonable steps to protect personal information. Special consideration is given to governance, culture and training, internal practices, ICT Security, third-party providers including cloud computing, data breaches, physical security and destruction or de-identification of personal information.
A copy of the guide can be found here.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
