Privacy Impact Assessment (PIA) Register

The Australian Digital Health Agency (the Agency) is required by the Privacy (Australian Government Agencies – Governance) APP Code 2017 (Cth) (the Code) to conduct a Privacy Impact Assessment (PIA) for projects with a high privacy risk.

A project may be a high privacy risk if the Agency considers that the project involves any new or changed ways of handling personal information that are likely to have a significant impact on the privacy of individuals.

The Agency is required by the Code to maintain a register of the PIAs it conducts. The Agency has listed all PIAs conducted by the Agency since it commenced operations on 1 July 2016.

Privacy Impact Assessments

The Agency has conducted the following PIAs:

 Subject of PIA        Date PIA completed
My Health Record – National Opt-out Model Implementation 03/07/2017
My Health Record – Data Linkage Project (project did not proceed) 17/08/2018
Service Registration Assistant – Secure Messaging 23/07/2019
My Health Record – Data Quality Assessment 18/10/2019