Conscientious collection and careful custody
Our personal information collection process embedded in the nsw.gov.au website is designed to be lawful, direct, and purposeful. We minimise data collection to what is necessary, ensuring that personal information is collected in a transparent manner and used for the purposes for which it was collected. We are as selective about the information we gather as we are about how we store it—safely, securely, and within the bounds of appropriate retention periods.
Principles at the forefront
Our foundational principles of data minimisation, purpose limitation, and stringent data security inform every decision we make. From the initial design of the nsw.gov.au website, privacy is not just embedded; it is an integral aspect of our creation process, ensuring that user data is handled with the utmost respect and care.
Privacy by design: a core philosophy
Adopting a privacy by design approach means that we consider privacy at every stage of our processes. This proactive stance allows us to integrate privacy into our working practices, ensuring that our digital offerings are compliant and respectful of user privacy from the outset.
The benefits of foresight
By embedding privacy into our workflow, we avoid the need for costly redesigns and ensure that user privacy is a constant consideration. This results in more efficient operations and a user experience that respects the individual’s privacy at every touchpoint.
Evaluating and adapting to privacy risks
Our commitment to privacy involves regular evaluations to adapt to the changing technological and regulatory landscape. Through thorough Privacy Impact Assessments, we continuously assess and manage privacy risks, utilising expert opinions both internally and externally.
Communication and compliance
Our Privacy Collection Notices are about clear communication regarding data collection. We inform customers why their information is needed, how it will be used, and the measures in place to protect it, ensuring compliance with the Information Protection Principles.
Proactive data breach management
Adhering to the Mandatory Notification of Data Breach Scheme, we have established robust procedures to manage and respond to data breaches promptly and efficiently. Our proactive measures are designed to not just respond to breaches, but to prevent them wherever possible.
Dedication to privacy management
The OneCX Privacy Team, supported by the Department of Customer Service privacy team, provides best practice privacy advice and training. Through our internal Privacy Impact Assessments, we identify potential risks and implement controls to mitigate them, ensuring that privacy is not compromised.
In the digital era, the protection of personal information is of utmost importance.
The OneCX Program is committed to not only meeting but exceeding the privacy expectations of our customers, ensuring a secure and trustworthy digital environment.
