Status and Details

Status and Details

This page contains information about the status, approval and a summary of the changes from the previous version of the document. Please note that the Unit Head listed on this page is the current owner of this policy and may not reflect the University position/staff member who owned this policy at the time of publication.

Privacy Impact Assessment Procedures

Show Field Notes
Status Current Indicates if this version of the document is in effect (Current), yet to come into effect (Future), or expired (Historic).
Effective Date 9th June 2023 This is the date on which this version of the document came into effect.
Review Date 9th June 2024 The next review of this document is scheduled to commence on this date.
Approval Authority Vice-Chancellor and President The noted authority approved this is version of the document.
Approval Date 7th June 2023 This is the date on which this version of the document was approved by the authorised authority.
Expiry Date Not Applicable This is the date on which this version expires. It may still apply, conditionally, after this date.
Unit Head Sophie Buck
Director, Governance Services
45701415 		This is the officer generally responsible for day to day administrative matters.
Enquiries Contact Sebastian Castro Leon
Privacy and GIPA Officer
s.castroleon@westernsydney.edu.au 		General enquiries should be directed to the officer/area listed.

Summary of Changes from Previous Version

These Privacy Impact Assessment Procedures support the Privacy Management Plan and the University's statutory privacy obligations, which include the assessment of potential privacy impacts arising from any new or revised projects, be they technology or digital systems, products, services, programs and/or initiatives. A Privacy Impact Assessment (PIA) is a risk assessment tool that identifies the impact that the technology or project may have on the privacy of individuals and for identifying and evaluating solutions to mitigate privacy risks. PIAs must be undertaken for any new or revised project or process which has the potential to impact on the collection, storage, access to, use or destruction of personal information, or when making changes to existing ways of handling personal information. Staff who manage or are responsible for a new or revised project must comply with these Procedures.

Clauses Amended:Procedures: All