The role of Privacy Contact Officers
The Information and Privacy Commission NSW (IPC) encourages all public sector agencies to appoint a Privacy Contact Officer. The aim of this role is to assist the application of the Privacy and Personal Information Protection Act 1998 (PPIP Act) and the Health Records and Information Privacy Act 2002 (HRIP Act) within their own organisation.
The role of Privacy Contact Officers
- To receive advice and updated information from the IPC about the implementation of the PPIP Act and the HRIP Act
- To act as a first point of contact/liaison with the IPC for all matters related to privacy and personal information
- To act as a focal point within their organisation for all matters related to privacy and personal information
- To act as a first point of contact for members of the public for all matters related to privacy and personal information.
Depending on the size of an organisation, the Privacy Contact Officer may be involved in some or all of the following tasks:
- Disseminating information on privacy issues within his or her organisation
- Co-ordinating the steps to be taken by their organisation in order to implement the PPIP Act and the HRIP Act, including:
- Privacy Management Plans
- Privacy Notifications (s.10)
- Privacy training for staff
- Assessing complaints lodged within their organisation and making recommendations about whether or not it is about personal information under the PPIP Act and/or health information under the HRIP Act
- Ensuring that all complaints about privacy breaches and/or internal reviews are dealt with in the proper manner.
In some organisations, the Privacy Contact Officer also acts at the Right to Information Officer.
