NSW Privacy Commissioner encourages agencies to build strong privacy foundations, and supports citizens to better understand their privacy rights this Privacy Awareness Week NSW 2023

Today, the NSW Privacy Commissioner, Samantha Gavel, launched Privacy Awareness Week NSW 2023.

Privacy Awareness Week NSW takes place this year from 1 – 7 May 2023 and involves both public sector agencies and citizens to improve understanding and awareness of NSW privacy legislation, raise awareness of a person’s privacy rights, and remind agencies of their obligations to protect privacy.

The Information and Privacy Commission NSW (IPC) hosts the campaign in NSW and this year marks the thirteenth year of celebrating Privacy Awareness Week NSW. The 2023 theme is ‘Back to Basics: Privacy foundations in NSW’.

Privacy Commissioner, Samantha Gavel, said, “Privacy protection needs to be at the heart and centre of our increasingly connected and digital world. This is particularly important in the context of NSW government services and technology, to ensure the community can have confidence in these services and systems.

“This Privacy Awareness Week, I encourage all agencies to closely consider this year’s theme and return to the basic principles of protecting personal information held in digital systems. For citizens, it is important that they keep privacy basics in mind when they are online.”

To celebrate Privacy Awareness Week NSW 2023, the IPC is releasing a webinar on Privacy, Data and Digital Technology on Tuesday 2 May. During the webinar, the Privacy Commissioner will speak on the 2023 theme and provide an update on the upcoming Mandatory Notification of Data Breach (MNDB) Scheme. The Commissioner will welcome guest speakers, including Edward Santow, UTS; Ian Oppermann, DCS Data Analytics Centre; and Lenka Bradovkova, Identity.NSW.

With a focus on the upcoming MNDB Scheme this year, the IPC has released easy to understand resources for citizens to improve their understanding of the Scheme, their rights and what they can expect once the Scheme is in place. Additional to these new resources, the IPC has also highlighted existing resources including a guide to privacy laws in NSW and privacy tips for citizens.

For agencies, the IPC has released new resources including a guide to prepare an agency data breach policy and a fact sheet on exemptions from notification to individuals under the MNDB Scheme. In the lead up to 28 November 2023 when the Scheme commences, the IPC will continue to release new guidance and update existing guidance to support NSW public sector agencies.

The Privacy Commissioner said, “I am looking forward to engaging with agencies to assist them in meeting their compliance requirements under the Scheme and support them to improve their privacy practices.

“Ensuring that privacy is at the centre of digital technology and digital innovation will enable NSW government agencies to secure the benefits of this technology, while minimising the risk of harm to privacy rights.”

More information, including activities and resources on privacy rights in NSW, are available on the Privacy Awareness Week NSW 2023 website.


For further information, please contact:

The Manager, Communications and Corporate Affairs on 0435 961 691 or email communications@ipc.nsw.gov.au

About the Information and Privacy Commission:

The Information and Privacy Commission NSW (IPC) is an independent statutory authority that administers New South Wales’ legislation dealing with privacy and access to government information. The IPC supports the Information Commissioner and the Privacy Commissioner in fulfilling their legislative responsibilities and functions and to ensure individuals and agencies can access consistent information, guidance and coordinated training about information access and privacy matters.

About the NSW Privacy Commissioner

Samantha Gavel was appointed as NSW Privacy Commissioner on 4 September 2017. Her role is to promote public awareness and understanding of privacy rights in NSW, as well as provide information, support, advice and assistance to agencies and the general public.

About NSW privacy legislation

The Privacy and Personal Information Protection Act 1998 (PPIP Act) outlines how NSW public sector agencies, including government agencies, local councils and universities, manage and protect personal information.

The Health Records Information Privacy Act 2002 (HRIP Act) promotes fair and responsible handling of health information. The HRIP Act applies to an organisation in NSW that is a health service provider or that collects, holds or uses health information. This includes both public and private sector organisations.

All NSW citizens have a right to have their personal information protected. If you are concerned a NSW agency has breached your privacy, you can request the agency to conduct an internal privacy review. The Privacy Commissioner has an oversight role in relation to the internal review.

The IPC can help citizens understand privacy laws in NSW and provide information on to protect personal information and assert their privacy rights.

For further information, visit our website at www.ipc.nsw.gov.au