Privacy Advisory
& Compliance
Australia's Privacy Act reforms have raised the bar, and the regulator is paying closer attention. We provide privacy advisory grounded in Australian law and built to work in practice, from gap assessments and privacy impact assessments through to breach response and NDB notifications.
- Privacy Act 1988 compliance assessment and gap analysis
- Notifiable Data Breach (NDB) scheme readiness and response
- Privacy Impact Assessments (PIAs) for new systems and projects
- Data mapping, classification, and records of processing activities
- Privacy policy and notice drafting and review
- Consent framework design and implementation
- Privacy program development - governance, roles, and procedures
- Staff privacy training and awareness programs
Common Questions
Does the Privacy Act apply to our business?
Most Australian organisations with over $3 million turnover are covered, plus health providers and several other categories regardless of size - see the OAIC privacy guidance. Reform continues to widen the net, so 'it doesn't apply to us' deserves a re-check.
What is a Privacy Impact Assessment?
A structured review of how a project or system collects, uses, and protects personal information - done before launch, when changes are cheap. Expected practice for government and increasingly for enterprise.
When do we have to notify a data breach?
Under the Notifiable Data Breaches scheme, when a breach is likely to result in serious harm to any individual - you have 30 days to assess, then notification obligations to the OAIC and affected people. We help you make that call defensibly and fast.