Maintaining secure information and notifying us of information security incidents
The obligations and requirements for service providers to maintain secure information, and notify us when an actual or suspected information security incident is detected. This policy applies to all electronic and physical data storage.
Resources to assist you
These resources will assist you to understand NSW and Commonwealth privacy laws, your obligations and responsibilities as a DCJ contracted service provider, and give you tactics that may help you protect your organisation.
DCJ resources for contracted service providers
Information security is everyone's responsibility
This resource outlines your responsibilities as a DCJ contracted service provider, along with a number of practical things you can do to achieve and maintain a strong information security culture across your organisation.
You can also download and print our top 10 take-aways for information security.
Secure File Transfer – Interim Guidance for Service Providers
This guidance outlines key privacy principles, how to safely share files, naming protocols and what to do in the event of a data breach/incident.
External tools
Tool | Source | Usage |
|---|---|---|
Justice Connect, Not-for-profit Law | This is a guide for not-for-profit organisations that want to understand more about their obligations under privacy laws in Australia. | |
Office of the Australian Information Commissioner | This guide assists organisations and agencies to prepare for, and respond to data breaches, in line with their obligations under the Commonwealth Privacy Act 1988. | |
Infoxchange | Practical guides and resources specifically for not-for-profits on information technology, systems and security to support providers to build their digital capabilities. | |
Australian Cyber Security Centre | This guide has been developed to help small business protect themselves from the most common cyber security incidents. | |
| First Nations Business Resources | Australian Cyber Security Centre | These resources assist First Nations businesses with tips and information to keep safe and secure online. |
Resources to assist your organisation comply with privacy laws | Justice Connect, Not-for-profit Law | Resources designed to assist not-for-profit organisations that have contractual arrangements with government to comply with privacy laws at both the NSW and national level, including notifiable data breaches and cyber security. |
Information and Privacy Commission NSW | Information for organisations and agencies on what a data security breach is, its potential impact on an organisation and its clients, and how to manage a breach in NSW. |