Tell us about the journey to your current role and what it this role entails?
I commenced as NSW Privacy Commissioner in September 2017. As Privacy Commissioner, my role is to promote public awareness and understanding of privacy rights in NSW, as well as providing information, support, advice and assistance to agencies and the general public. My responsibilities include the preparation of reports recommending legislative, administrative or other action in the interests of privacy as well as conducting inquiries and investigations into privacy related matters.
Prior to taking up my current role, I was the National Health Practitioner Ombudsman and Privacy Commissioner, and previously held the role of Private Health Insurance Ombudsman for six years.
Can you describe a project you are working on or recently completed? What challenges did you face along the way and how were they overcome?
As the NSW Privacy regulator, my role includes providing advice and guidance to NSW government agencies, to assist them to comply with NSW privacy legislation. Last year, we published two important pieces of guidance:
- To assist agencies to manage and mitigate data breaches; and
- To assist private healthcare providers and the public to understand their rights and responsibilities in relation to rights of access to health records.
Providing published guidance requires the Information and Privacy Commission to carefully consider and distil complex issues into guidance which is accessible, useful, accurate and comprehensive. Stakeholder consultation is carried out during the process, to assist with achieving these goals.
What did you learn from this project? What did it achieve?
The provision of guidance can have either a positive or negative impact on the number of complaints received. It is important to monitor its impact and seek feedback, to ensure it is meeting the needs of its audience.
An increase in complaints is not necessarily a negative consequence, because new guidance may be raising awareness of an issue and assisting citizens to exercise their privacy rights.
What excites you most about the future?
We live in a time of fast paced technological development and change. The use of some forms of technology has become almost second nature, such as computers and mobile phones. Other types of emerging technology, such as artificial intelligence, hold great promise for the future.
All these technologies pose potential privacy risks that must be considered and mitigated, to ensure our privacy rights are maintained. I am excited to be working in an area where I can contribute to consideration of these important issues, so that the communitys rights are not impaired in the future.
If you could give one piece of advice to someone looking to further their career in government, what would it be?
Seize any opportunities to develop your career by taking on tasks or roles outside of your core capabilities. For example, in one role, I was able to develop an understanding of and capability in manging the offices finances. This type of capability is important for progressing into leadership roles.
Where do you look to for further education? E.g. articles, podcasts, news sources, online courses, university etc.?
Today, we are spoiled for choice in the variety of information resources we have access to. I find articles, podcasts and news sources particularly useful. Newsletters issued by privacy organisations such as the International Association of Privacy Professionals (IAPP) are valuable sources of information about global privacy developments, as are articles sent to me by colleagues with industry expertise. Its important to make time in your diary for at least one hour of further education in your area of expertise a week.
What are you most looking forward to at the event?
I always enjoy engaging with other participants, whether its through the networking sessions, or the question and answer session during my presentation.