Australian Privacy Principles – Implementation Guide for RTOs
Is your RTO effectively managing information in line with the Australian Privacy Principles?
The 13 Australian Privacy Principles (APPs) have a wide range of impacts and requirements on Registered Training Organisations (RTOs); not in least part due to the large amount of personal information RTOs collect, use and report on individuals.
The Australian Privacy Principles Implementation Guide for RTO’s (Version 6.0) includes:
Overview of the APPs and key requirements
Extensive guidelines on how the APPs apply to RTOs
Framework for a Privacy Impact Assessment & example PIA tool
Example APP Compliance Checklist for RTO use
Further resources and information
The pack also includes a handy Presentation resource ideal for RTO personnel induction & refresher activities on privacy requirements.
Purchase the Templates Pack now and also receive access to a free digital course providing an overview of the pack for you and your team!
Ensure your RTO is compliant with its privacy obligations!
Some of the key requirements…
- Options for pseudonyms must be provided where possible.
- APP notifications are required for all data collection.
- Requirements for direct marketing activities.
- Specific requirements for government related identifiers.
- Specific ‘cross-border’ disclosures now mandated.
- Quality of data required for ongoing use of records.
- Expectations for data security measures.
- Requirements for records access and correction.
Version 7 of the resource has been updated for minor additional guidance in the National VET Data Policy 2020.
Version 6 of the resource has been updated with a refreshed APP Privacy Overview Presentation.
Version 5 of the resource has been updated for additional formatting and RTO guidance on the Data Breach Response requirements.
Version 4 of the resource has been updated for guidance in the National VET Data Policy 2018.
The amendments to Privacy legislation specify an exemption for ‘small business operators’ that meet particular characteristics, including turning over less than $3 million per year. There are exceptions to this exemption however, including for RTOs in situations where they may be contracted to government agencies or hold other legal requirements under various stakeholder contracts.
The National VET Data Policy released by the Australian Government Department of Education & Training for all operations from 1 January 2018 confirms that all RTOs – regardless of their small business operator status – must comply with APP 3 and 5 of the Privacy Act 1988 when collecting data for the National VET Provider Collection from students, as if the RTO were an APP entity under the Privacy Act.
vetr’s Australian Privacy Principles Implementation Guide for RTOs covers this information in some detail, and also includes a range of other reasons why RTOs would wish to ensure these privacy practices are in place in their businesses, for mitigation of privacy and operational risks, as a best practice approach.
Over 120 pages of critical information, advice and tools to assist RTOs to meet the Australian Privacy Principles requirements. Guide and example tools are provided in both PDF and MS Word formats for ease of customisation and use in your RTO.
The resource is available now in digital format.