The Office of the Australian Information Commissioner has released its Guide to Securing Personal Information. This replaces the previous “Guide to Information Security”.
The new Guide will help agencies and organisations to meet their obligations under the Australian Privacy Principles (APPs) to take reasonable steps to protect personal information. It puts more emphasis on the information lifecycle and specifically addresses the requirements in APP 11 (security of personal information).
For the first time, the Guide includes a cloud computing section which outlines the requirements that apply when information handling is outsourced to a third party provider, and a checklist to help organisations determine whether to use a cloud computing service.
You can view the Guide here.