Australian TPPs

Operationalize compliance with the most comprehensive PrivacyOps platform

Last Updated on نوفمبر 8, 2023

Schedule Your
Personal Demo

Learn how you can leverage Securiti’s Data Command Center to address data security, privacy, governance, and compliance.

See a demo
Schedule your demo today

The Australian Capital Territory Information Privacy Act 2014 (the Act) is a law that regulates the handling of personal information by Australian Capital Territory (ACT) public sector agencies. The Act mandates that ACT government entities comply with a set of territory privacy principles to protect individuals’ right to privacy.

The Act sets out 13 Territory Privacy Principles (TPPs) that must be followed by ACT public sector agencies when collecting, storing, using, and disclosing personal information. The TPPs include topics related to personal information collection, use, disclosure, storage, and security and are comparable to the Victorian Information Privacy Principles.

The Act establishes the Office of the Information Commissioner, whose duties include regulating and upholding the Act's provisions, investigating privacy concerns, and promoting awareness of individuals' rights and responsibilities.

Under the Act, individuals have the right to access and correct their personal information held by ACT public sector agencies. Individuals can also complain to the Territory’s Information Commissioner if they believe that any act of the public agency has interfered with their privacy.


The Solution

Securiti enables organizations to comply with the Australian Capital Territory Information Privacy Act 2014 & Territory Privacy Principles (TPPs) through AI-driven PI data discovery, DSR automation, documented accountability, enhanced visibility into data processing activities, and AI-driven process automation.

Securiti supports enterprises in their journey toward compliance with the Australian Capital Territory Information Privacy Act 2014 & Territory Privacy Principles (TPPs) through automation, enhanced data visibility, and identity linking.

Australian Territory Privacy Principles TPPs Compliance Solution

Request a demo today to learn how Securiti can aid you and your organization's compliance efforts.


Assess Readiness

Schedule 1

With the help of Securiti’s multi-regulation, collaborative, readiness, and privacy impact assessment system, you can measure your organization's posture against Australian Capital Territory Information Privacy Act 2014 & Territory Privacy Principles (TPPs), identify the gaps and address the risks.

Australian TPPs Readiness assessment
Australian TPPs data access request

Secure Fulfillment of Data Access and Accuracy / Rectification / Anonymization Requests

TPP 2.1+ TPP 12 + TPP 10 + TPP 13

DSR automation allows data subjects to request access, update, correct, and anonymize their personal data. Securiti’s DSR automation also enables organizations to create customized data subject rights request forms embedded in websites, verify identities, and aggregate requests into a fulfillment automation workbench.

Map Data Flows (Cross-Border Data Transfers) & Manage Vendor Risk

TPP 8

Track data flows regarding the transfer of personal information to an overseas recipient and collect and maintain an inventory of data assets and data processing activities. Helps ensure that such an entity handles personal information in accordance with the standards set under Information Privacy Act 2014.

Australian TPPs data mapping
Australian TPPs consent preference management

Monitor and Track Consent

TPP 3.3 + TPP 6.1(a)

Automates obtaining consent from data subjects when collecting, using and disclosing personal information and sensitive personal information.

 

Universal Consent Management

TPP 7

Allows the secure capturing of consent from data subjects when using or disclosing personal information for direct marketing purposes. Securiti's Consent Management Platform enables organizations to obtain end-users' consent for data access, retrieval, and advertising purposes.

Australian TPPs Universal Consent Management
Australian TPPs Privacy Policy and notice creation for Australian TPPs

Privacy Policy and Notice Management

TPP 1.3 + 1.4 + 1.5 + 1.6 + TPP 5

Automatically generates and updates the policy regarding collecting and using personal information.

Assess Data Protection Measures and Enable Appropriate Security Controls

TPP 11

Helps implement technical and operational measures to protect personal information from misuse, interference or loss, unauthorized access, modification, and disclosure. Ensures that personal data is de-identified, erased, or destroyed once it is no longer used/required

Australian TPPs Data Protection Security Controls

Key Facts about Australian Capital Territory Information Privacy Act 2014 & Territory Privacy Principles (TPPs)

1

Purpose: The Act aims to protect individuals’ privacy rights by regulating how ACT public sector agencies handle personal information.

2

Scope: All ACT public sector organizations, such as government departments, regional councils, and statutory authorities, are subject to the Act.

3

Territory Privacy Principles (TPPs): The Act sets out 13 TPPs that govern the handling of personal information by ACT public sector agencies.

4

Office of Information Commissioner: The Act creates the Office of Information Commissioner, which is in charge of upholding the Act's rules, looking into privacy concerns, and providing awareness of individuals' rights and responsibilities. Each Commissioner will serve for a term of 7 years.

5

Enforcement Mechanisms: The Act includes several enforcement measures, such as the Commissioner's authority to look into privacy violations and take appropriate action, as well as the right of individuals to access and update their personal data held by ACT public sector organizations. If an individual makes a privacy complaint, the Commissioner is empowered to make inquiries and investigations regarding the complaint as he/she deems necessary.

6

Deemed Breach: If a public sector agency discloses the personal information about an individual to an overseas recipient in such a manner that contravenes TPPs under the Act, it is considered a "deemed breach".

7

International Data Transfers: The Act prohibits the transfer of personal data outside of the ACT unless appropriate safeguards adequately protect the data. The public sector agency must ensure that overseas recipients do not breach the TPPs in relation to the information.

8

Penalties: ACT public sector organizations that violate the Act's rules risk fines and penalties and harm to their reputation and public distrust. Any person who uses or divulges the protected personal information about someone else would be subject to a 50 penalty unit or imprisonment for 6 months or both. (As per the Crimes Act 1914, one penalty unit equals 275 AUD).

IDC MarketScape

Securiti named a Leader in the IDC MarketScape for Data Privacy Compliance Software

Read the Report

What's
New