The Great Barrier Reef Marine Park Authority (Reef Authority) is required by the Privacy (Australian Government Agencies – Governance) APP Code 2017 (the Code) to conduct a Privacy Impact Assessment (PIA) for all high risk privacy projects.
A project may be a high risk privacy project if the Reef Authority considers that the project involves any new or changed ways of handling personal information that are likely to have a significant impact on the privacy of individuals.
The Reef Authority is also required to conduct a PIA if directed to do so by the Office of the Australian Information Commissioner (OAIC).
The Reef Authority is required to maintain a register of all PIAs it conducts and publish that register, or a version of that register, on its website.
This Privacy Impact Assessment Register (below) is published in full compliance with those requirements.
- Title of project: Visitor Management System (WhosOnLocation Software)
- Date PIA undertaken: April 2021
- Section: Reef HQ and Property Services
- Summary and outcome: The privacy impacts of the overall project were assessed as low. Nevertheless, seven (7) recommendations were made as a result of the Privacy Impact Assessment. The Authority subsequently considered and adopted all recommendations made and will implement them prior to the implementation of the project and/or throughout the life of the project.
- Title of project: Eye on the Reef (program upgrade)
- Date PIA undertaken: July 2021
- Section: Science for Management
- Summary and outcome: The privacy impact of the program upgrade was not considered to be ‘high risk’ however twenty (20) recommendations were made as a result of the Privacy Impact Assessment. The Authority is in the process of considering all recommendations made and will implement as many as reasonably possible throughout the life of the project.