It’s that time again! Of course, data privacy is essential all year round, but Privacy Awareness Week is the perfect time to take stock of how well your privacy practices stack up. Do you have all the building blocks to ensure you demonstrate good privacy practices?

To help you shore up your privacy foundations, the Office of the Australian Information Commissioner (OAIC) has published some handy resources for businesses. We’ve highlighted four must-have resources to cross-check your data privacy foundations.

1. A cheat sheet on your obligations under the Privacy Act

All businesses with an annual turnover of more than $3 million are regulated by the Privacy Act 1988. Even those organisations that aren’t covered by the Act can opt in to show their commitment to good privacy practices. Regardless of your business size, you should understand your legal commitment to customers’ information privacy and their expectations around their own personal information.

If you want to brush up on what it covers, the OAIC has broken it down into ten handy sections here:

2. A template to build your data privacy plan

The best of intentions is not sufficient when it comes to data privacy. Having a privacy plan in place helps you identify how you will abide by the following:

a. Embed a culture of privacy to enable compliance
b. Establish robust and effective privacy processes
c. Evaluate this process on an ongoing basis to ensure continued effectiveness
d. Enhance your response to privacy issues

If you don’t have a plan, add it to your to-do list this week. You can find a template to assist here:

3. A guide to developing an APP privacy policy

You likely have a privacy policy, but we recommend that you take a critical look at it this week. Is it ten pages long and written in the kind of legalese that no one wants to slog through? If the answer is yes, then it is time to revisit it. On the other hand, if your privacy policy is easy to understand and written in plain English, it will help you build trust with your clients and help them regain control of their data.

Take a look at the OAIC guide here:

4. Advice on building a data response plan

The final piece of reading that we recommend focuses on your data response plan. What do you do if something goes wrong? With 900 data breaches reported to the OAIC in 2021, a response plan is vital. Take a look at these tips to ensure that yours is up to scratch:

It is also the perfect time to talk to us here at Colton about staff training. Did you know that we run a phishing program (no, it doesn’t involve a lazy Sunday on a boat) where we test your staff’s ability to sniff out a scam email to better prepare them for the real thing? Get in touch at to set up.