List of recommendations

List of recommendations

Recommendation 1

2.107The committee recommends that the IVS bill is amended to provide a rule making power to strengthen privacy safeguards.

Recommendation 2

2.109The committee recommends that the IVS bill is amended to provide that 'identification information' as defined in clause 6 is 'personal information' for the purposes of the Privacy Act.

Recommendation 3

2.111The committee recommends that the IVS bill is amended to provide that a breach of a participation agreement that relates to a privacy matter by an APP entity constitutes an interference with privacy under the Privacy Act.

Recommendation 4

2.113The committee recommends that the Explanatory Memorandum is amended to make clear that participation agreements must be privacy-enhancing and consistent with the APPs.

Recommendation 5

2.115The committee recommends that the Explanatory Memorandum is amended to clarify that the compliance obligations under the bills do not alter a participating entity's obligations under the Privacy Act.

Recommendation 6

2.117The committee recommends that clause 40 of the IVS bill is amended to enliven the OAIC's existing assessment powers in subsection 33C(1) of the Privacy Act in relation to the annual assessment requirements.

Recommendation 7

2.119The committee recommends that the IVS bill is amended to ensure that individuals are notified when there is a data breach that is likely to cause them serious harm.

Recommendation 8

2.121The committee recommends that the IVS bill is amended to allow entrusted persons (for example, a departmental employee) to disclose protected information to the Information Commissioner or an OAIC staff member, for the purpose of the Commissioner or OAIC exercising a power, or performing a function or duty.

Recommendation 9

2.123The committee recommends that clause 44 of the IVS bill is amended to require the Information Commissioner to be consulted on the rules, as they relate to privacy, before they are made under clause 44.

Recommendation 10

2.125The committee recommends that the IVS bill is amended to only include express consent and not implied consent.

Recommendation 11

2.127The committee recommends that the IVS bill is amended to provide for an interim review after 12 months. That interim review should focus on the adequacy of the privacy and security protections operating in the IVS scheme and whether there is merit in developing a civil penalties framework within the IVS scheme.

Recommendation 12

2.128Subject to the preceding recommendations, the committee recommends that the Senate pass the bills.

Contents
Previous Next