Indi provides high-quality privacy, FOI, probity and procurement services for Australian Government clients. She conducts privacy impact assessments (PIA) of complex ICT systems and proposed amendments to legislation, and also provides advice on the application of the Privacy Act 1988 (Cth) more generally. In particular, Indi has extensive experience in advising on whether incidents constitute eligible data breaches for the purposes of the Notifiable Data Breaches Scheme, and whether the handling of personal information is consistent with the secrecy provisions of relevant legislation.
Indi is an experienced FOI practitioner and regularly advises Commonwealth agencies on their obligations under the Freedom of Information Act (Cth), and how they can balance their legislative obligations with their strategic objectives. Indi has extensive experience in drafting submissions for FOI matters before the Information Commissioner and the Administrative Appeals Tribunal.
Indi also provides pragmatic probity and procurement advice on a range of significant procurements and divestments, particularly in the defence, geo-spatial and education sectors. Indi has extensive experience in drafting and reviewing approach to market and probity documentation to ensure that it is consistent with the Commonwealth Procurement Rules, and providing probity advice on discrete issues like conflicts of interest, confidentiality and compliance with the Black Economy Procurement Connected Policy.
Department of Health
Conducted an urgent privacy impact assessment for the development and deployment of the COVIDSafe App. Nineteen recommendations were made to improve the privacy protections for individuals, and almost all of the recommendations were adopted in full, which assisted in assuring the Australian public that the Government had appropriately considered and addressed the privacy risks associated with the COVIDSafe App.
Department of the Treasury
Conducted an independent privacy impact assessment of the complex Consumer Data Right regime, which is being implemented by the Department, together with the Australian Competition and Consumer Commission as the proposed regulator, the Office of the Australian Information Commissioner and the interim Standards Body (and its technical adviser Data61).
Provided extensive advice on whether incidents constitute eligible data breaches for the purposes of the Notifiable Data Breaches scheme, and also advised on the preparation of statements to the Office of the Australian Information Commissioner and affected individuals; provided advice on whether an incident constituted a breach of contract by a third-party service provider.
Department of Agriculture, Water and the Environment
Provided extensive assistance to the Department in respect of a number of freedom of information matters, including those at internal review stage and those before the Information Commissioner; drafted decisions on access and submissions for the Information Commissioner; and balanced the Department’s legislative obligations with its strategic objectives.
Department of Education, Skills and Employment
Conducted a complex privacy impact assessment (PIA) on the proposed implementation of new legislation and associated ICT systems which were designed to streamline the provision of student information to the Commonwealth by various tertiary institutions, for subsequent use by a number of Commonwealth entities. The PIA involved detailed consideration of information sharing arrangements, complex information flows and alignment of data handling roles and responsibilities.