The draft NSW Smart Places Data Protection Policy brings the key guidance on data protection in the smart places context together in one place. It aligns with the NSW Government Data Strategy which includes the central theme of strengthening transparency and trust in the way NSW government collects, manages, uses and shares data, ensuring this is in accordance with the highest privacy, security and ethical standards.
The development of a Smart Places Data Protection Policy is identified as an action in the NSW Smart Places Strategy.
Who is this policy for?
The draft Policy has been designed to make it easier for public and private sector smart places developers, managers and place owners to follow lawful and best practice data protection across the lifecycle of smart places data. The draft Policy highlights the need to build data protection into smart places project design, and actively manage smart places data from collection to disposal.
This draft Policy is also designed to support the NSW Smart Places Customer Charter and help members of the public understand what it means for NSW Government to commit to treating data safely and securely and protecting personal information.
The purpose of the policy
The purpose of the draft Smart Places Data Protection Policy is to support the Privacy and Personal Information Protection Act 1998 (PPIP Act), to guide how data is collected, managed and stored as part of smart places implementation.
The PPIP Act outlines how NSW public sector agencies manage personal information. Personal information is defined in section 4 of the PPIP Act. In practical terms, personal information is any information that identifies an individual; it could include records with a name and address, photographs, video or audio footage, or fingerprints, blood or DNA.
NB This draft Policy does not impact on an individual’s legislative rights regarding data and personal information which NSW Government is bound to adhere to, and nor does it prevent or limit existing law.
Last updated 21 Jul 2022