While a PIA is more than a compliance check, it is essential that you consider compliance with privacy law.
Consider whether your project complies with each of the Australian Privacy Principles (APPs). For each APP, ask yourself:
- Is the APP relevant to the project? If not, why not? Will it become relevant to the project at a later stage?
- Does my project comply with the APP?
- Are there any risks to compliance?
You should document and provide specific details about how your project complies with the APP, or why you are not required to comply, and any considerations you took into account.
Australian Government agencies should also be aware that there may be other privacy-related legislation and rules that apply to your agency, such as secrecy provisions or information handling obligations in other legislation.
The OAIC’s Guide to Undertaking Privacy Impact Assessments provides example questions for each APP to assist you to complete your compliance check.
You may also find the APP Guidelines a useful resource to assist you to interpret and apply the APPs.