Media Releases

Maddocks launches new data and privacy tool aimed at assisting organisations manage privacy risks under the Privacy Act

• 06 May 2024 • 4 min read
  • Share

To coincide with Privacy Awareness Week, Maddocks has today launched a new data and privacy tool to assist clients with managing privacy risks under the Privacy Act 1988 (Cth) (Privacy Act) and the 13 Australian Privacy Principles (APPs) - and to prepare for proposed changes to these laws.


ADAPT by Maddocks (Australian Data and Privacy Tool) is a digital tool in BETA form which has been developed to efficiently gather information about an organisation’s personal information handling practices, policies, processes and organisational measures through a survey and mapping data tool, with the aim to identify key compliance gaps.

Maddocks Privacy and Cyber Partner and project sponsor Sonia Sharma said: “From our extensive work with clients, we know it’s critical for businesses to have a baseline understanding of their current information handling practices and current compliance measures across their organisation. Having a clear understanding is key to proactively managing privacy compliance risks and improving privacy compliance maturity.

“We know that organisations want to do the right thing, but many simply do not know where to start and the task can feel overwhelming when it comes to privacy compliance. We turned our proven methodology of training, education, information gathering and gap analysis into ADAPT. We saw the need for a solution to quickly help organisations gain a clear picture of their current compliance with the Privacy Act and the APPs.

“Following the large scale data breaches of recent times, the conversation around privacy has moved from the parliament to the pub. Community expectations have changed and so have the laws. Not complying with these obligations can lead to penalties in excess of $50m for serious or repeated breaches. The reputational damage that comes from losing digital trust from customers and other stakeholders can be immense.”

Developed with assistance from the firm’s innovation program, Maddocks Innovus, the tool’s introduction comes as wide ranging reforms to Australia’s Privacy Act are expected to be announced by the Federal Government. Ms Sharma says while some organisations are prepared, others are yet to put in place basic measures required to comply with future changes to the law or even the current state of play.

“The OAIC has clearly stated that the mandatory data breach regime under our Privacy Act is a mature regime, yet we still find organisations who don’t have a data breach response plan or have one that falls well short of regulatory expectations. While the OAIC expects organisations to be conducting Privacy Impact Assessments for new projects, many organisations don’t have a framework in place for conducting these,” Ms Sharma said. “All are mandated in some way or are expected to come into play as part of the Privacy Act reforms.”

In addition to obligations under the Privacy Act, boards and executives have also been warned by the corporate regulator ASIC of the potential for legal action if they were recklessly unprepared for cyberattacks.

“We developed the tool based off years of our practical experience in helping our clients with our detailed understanding of the legislation, regulatory environment and experience on the front line of data breaches,” Ms Sharma said. “With Australia now considered a ‘soft target’ globally, the stakes are higher than ever. We wanted to provide the market with an efficient and effective solution for managing risks in a way which is fit for purpose for the size and scale of the organisation. My hope is that ADAPT by Maddocks will help organisations feel empowered rather than overwhelmed and allow them to develop a clear plan for improving their privacy compliance.”

For more information

Contact Maddocks Head of Communications and Media

Important qualifications

ADAPT by Maddocks has been developed for “organisations” who are required to comply with the Privacy Act and the Australian Privacy Principles. It is not designed for agencies or organisations regulated by state based privacy regimes or other jurisdictional data protection regimes such as UK and EU GDPR. Don’t worry, if these are your requirements we will also be able to assist you, just not currently with ADAPT by Maddocks. Get in touch because at Maddocks we have privacy experts with specialised expertise in a range of key areas and will always ensure you receive advice from the right subject matter expert. ADAPT by Maddocks is designed to assist in the provision of legal advice by privacy and cyber lawyers. We are not cybersecurity or forensic experts and the tool is not a forensic based product. If you need specialised assistance from a cybersecurity expert, Maddocks works with a range of trusted experts in this space and who we would be happy to refer you to them as required. We pride ourselves in being able to collaborate with other stakeholders and experts.

  • Share

Recent articles

Online Access