APA and GDPR | Professional Computing Practice
Added on 2022-08-27
8 Pages2533 Words37 Views
Running Head: APA AND GDPR 0
PROFESSIONAL COMPUTING PRACTICE/ADVANCED PROFESSIONAL
DEVELOPMENT
Assignment 1 Essay
Student name:
Student number:
Topic:
PROFESSIONAL COMPUTING PRACTICE/ADVANCED PROFESSIONAL
DEVELOPMENT
Assignment 1 Essay
Student name:
Student number:
Topic:
APA AND GDPR 1
Introduction
In today’s era of modern technology, it has become easier for organisations to access and
exploit private data of the users since there are different ways from which they can collect
their private information. The use of personal information allows companies to improve their
products and services by customizing them as per the demands and requirements of their
customers. However, this has increased a major concern relating to protection of data privacy
and confidential information of users on a global scale. It is also a threat in Australia since the
number of data breach attacks has increased by 19 per cent between July and December 2019
as per the reports given by the “Office of the Australian Information Commissioner (OAIC)”.
In this regards, the government has introduced many amendments in the “Australian Privacy
Act (APA) 1988”1. Furthermore, “General Data Protection Regulation (GDPR)” is a part of
EU digital privacy protection legislations that are targeted towards imposing accountability
on organisations by giving control to individuals regarding their personal data and
simplifying the overall regulations relating to data privacy. There are many similarities
between APA and GDPR; however, there are many noticeable differences which show the
gaps in regulations of APA and the requirement of the Australian government to introduce
necessary changes in order to improve data privacy of individuals in Australia2. The
objective of this essay is to identify noticeable differences between APA and GDPR and
necessary improvements which should be made in APA for the protection of data privacy of
Australian citizens. This essay will also evaluate the benefits of these changes on Australian
citizens.
Differences between APA and GDPR and need for
improvements
The role of both APA and GDPR is to introduce regulations which are focused on reducing
the threat of cyber-attacks by ensuring that the private data of individuals is protected and
transparency is maintained throughout the operations of corporation3. APA is also referred as
the privacy act which was first introduced in 1988 that provides regulations that deals with
privacy of Australian citizens and companies. Different privacy rights are introduced in this
act under Section 14 which is also called the “APPs (Australian Privacy Principles)”. The
regulations of this act govern how personal information is collected by government agencies
as well as private sector organisations and they also impose obligations in case such data is
Introduction
In today’s era of modern technology, it has become easier for organisations to access and
exploit private data of the users since there are different ways from which they can collect
their private information. The use of personal information allows companies to improve their
products and services by customizing them as per the demands and requirements of their
customers. However, this has increased a major concern relating to protection of data privacy
and confidential information of users on a global scale. It is also a threat in Australia since the
number of data breach attacks has increased by 19 per cent between July and December 2019
as per the reports given by the “Office of the Australian Information Commissioner (OAIC)”.
In this regards, the government has introduced many amendments in the “Australian Privacy
Act (APA) 1988”1. Furthermore, “General Data Protection Regulation (GDPR)” is a part of
EU digital privacy protection legislations that are targeted towards imposing accountability
on organisations by giving control to individuals regarding their personal data and
simplifying the overall regulations relating to data privacy. There are many similarities
between APA and GDPR; however, there are many noticeable differences which show the
gaps in regulations of APA and the requirement of the Australian government to introduce
necessary changes in order to improve data privacy of individuals in Australia2. The
objective of this essay is to identify noticeable differences between APA and GDPR and
necessary improvements which should be made in APA for the protection of data privacy of
Australian citizens. This essay will also evaluate the benefits of these changes on Australian
citizens.
Differences between APA and GDPR and need for
improvements
The role of both APA and GDPR is to introduce regulations which are focused on reducing
the threat of cyber-attacks by ensuring that the private data of individuals is protected and
transparency is maintained throughout the operations of corporation3. APA is also referred as
the privacy act which was first introduced in 1988 that provides regulations that deals with
privacy of Australian citizens and companies. Different privacy rights are introduced in this
act under Section 14 which is also called the “APPs (Australian Privacy Principles)”. The
regulations of this act govern how personal information is collected by government agencies
as well as private sector organisations and they also impose obligations in case such data is
APA AND GDPR 2
lost or exploited. Similarly, GDPR is the part of EU regulations that are also followed by
many other countries targeted towards regulating data transfer and storage to make sure that
transparency is maintained throughout the operations and individuals have complete control
over their private data4. Based on the understanding of these two regulations, it is clear that
both of them emphasises on protection of private data of users by simplifying the process.
There are many similarities between APA and GDPR in terms of ensuring how personal
information is secured by organisations and both of them imposes mandatory methods which
are compulsory to be followed by parties that deal with private data of individuals. Both of
these laws introduce a range of general obligations in order to ensure data security. There are
different steps in both of these regulations that are necessary to be taken by organisations in
order to ensure that the private or sensitive data which they collect must be protected from
any sort of misuse, loss or interference. Both of them also provide policies for ensuring that
the private data is securely erased by organisations when necessary5. Furthermore, data
breaches are also treated in a similar manner in both of these regulations. Both of them
enforce the parties that deal with data breaches to report those incidents to relevant authorities
as soon as possible. They also enforces them to ensure sufficient seriousness while reporting
these breaches to make sure that necessary actions are taken right away for protection of such
data. As per both of these laws, personal information that is encrypted needs not to be
reported by organisations. Along with similarities, there are many differences between APA
and GDPR which shows key limitations and gaps that are necessary to be fulfilled in the
Privacy Act of Australia6.
One of the key differences between APA and GDPR is in relation to policies and procedures
for managing data privacy risks. As per the guidelines of GDPR, companies are required to
have certain policies and procedures that allow them to assess and manage risks are relating
to handling personal information of users. These guidelines are introduced especially for
those companies that are planning to engage in practices relating to high risks data
processing7. These companies have to ensure that they undertake a “Data Protection Impact
Assessment (DPIA)” when they use sensitive data in their operations. Along with this risk
assessment, companies are also subject to have a mandatory Data Protection Policy in which
they have to set out the expectations for their staff members in order to make sure that they
treat the confidential data securely. Moreover, companies that suffer a data breach are also
bound under these protection policies to notify authorities along with individuals who might
be affected as a result of cyber-attack8. There is a strict limit of 72 hours within which the
lost or exploited. Similarly, GDPR is the part of EU regulations that are also followed by
many other countries targeted towards regulating data transfer and storage to make sure that
transparency is maintained throughout the operations and individuals have complete control
over their private data4. Based on the understanding of these two regulations, it is clear that
both of them emphasises on protection of private data of users by simplifying the process.
There are many similarities between APA and GDPR in terms of ensuring how personal
information is secured by organisations and both of them imposes mandatory methods which
are compulsory to be followed by parties that deal with private data of individuals. Both of
these laws introduce a range of general obligations in order to ensure data security. There are
different steps in both of these regulations that are necessary to be taken by organisations in
order to ensure that the private or sensitive data which they collect must be protected from
any sort of misuse, loss or interference. Both of them also provide policies for ensuring that
the private data is securely erased by organisations when necessary5. Furthermore, data
breaches are also treated in a similar manner in both of these regulations. Both of them
enforce the parties that deal with data breaches to report those incidents to relevant authorities
as soon as possible. They also enforces them to ensure sufficient seriousness while reporting
these breaches to make sure that necessary actions are taken right away for protection of such
data. As per both of these laws, personal information that is encrypted needs not to be
reported by organisations. Along with similarities, there are many differences between APA
and GDPR which shows key limitations and gaps that are necessary to be fulfilled in the
Privacy Act of Australia6.
One of the key differences between APA and GDPR is in relation to policies and procedures
for managing data privacy risks. As per the guidelines of GDPR, companies are required to
have certain policies and procedures that allow them to assess and manage risks are relating
to handling personal information of users. These guidelines are introduced especially for
those companies that are planning to engage in practices relating to high risks data
processing7. These companies have to ensure that they undertake a “Data Protection Impact
Assessment (DPIA)” when they use sensitive data in their operations. Along with this risk
assessment, companies are also subject to have a mandatory Data Protection Policy in which
they have to set out the expectations for their staff members in order to make sure that they
treat the confidential data securely. Moreover, companies that suffer a data breach are also
bound under these protection policies to notify authorities along with individuals who might
be affected as a result of cyber-attack8. There is a strict limit of 72 hours within which the
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Critical Differences between FRCP and GDPRlg...
|4
|865
|81
Global network forensics investigationslg...
|7
|1200
|298
Business Applications Of Information Systemslg...
|7
|1335
|17
Data Privacy in Australialg...
|9
|2158
|60
Frequent Data Breaches and Emerging Privacy Concernslg...
|4
|800
|87
Data Privacy In Australialg...
|7
|2247
|168