Risk Bites Issue 1
Protecting data and gaining trust
Each month Risk Bites will present a scenario and reflect on the best way to respond.
This time, we will look at data breaches. We want people to trust that we will protect their privacy and be confident that their personal information will be handled in line with their expectations. If a data privacy breach occurs, a quick and effective response can have a positive impact on people’s perception of how trustworthy we are. This common sense approach is also reinforced by the legal requirements.
Imagine this scenario: Michael is organising the annual Church Council meeting schedule and has included the names and addresses of all of the Council members on his schedule. Instead of circulating the details to the Church Council as agreed, Michael accidentally uploads the personal details onto a public website.
What would you do?
What needs to happen: In this situation, we would look at whether there has been a data breach and the steps to be taken.
Why is this important for me/my congregation?
We have certain obligations under the Commonwealth Privacy Act, including to:
- Take reasonable steps to protect personal information;
- Ensure reasonable security safeguards are in place to protect personal information; and
- Investigate and report certain data breaches.
Personal information includes any information that can be used to identify someone. It includes names, addresses, telephone numbers, email addresses, and profession or occupation.
A data breach occurs when personal information is subject to misuse, interference and loss, and to unauthorised access, modification or disclosure.
What do I do if I/my congregation has a suspected or actual data breach?
If you find yourself aware of a suspected or actual data breach within the Synod, please contact the Synod Privacy Officer. The Risk team will guide and support you through the procedure to be followed for investigation of the data breach and any notification.
About the Synod Risk Team
The Uniting Resources’ Risk Team has resolved to focus on partnerships with our communities to build a strong risk aware and safe culture that protects the people of our Church.
In order to accomplish this important mission, it is vital for the Risk team to partner with Presbyteries and Congregations to help create this safe and risk aware culture.
We want to listen to your stories; identify risks early on; recognise areas of great practice and opportunities for improvement. Through working together we will learn from each other and share great systems and processes.
In our work with congregations we have already discovered a great deal of excellent work that we are looking to document and share. We can work with you to:
- Provide Work, Health & Safety training
- Set up a risk assessment template
- Carry out risk assessments and prepare treatment plans
- Provide risk management support to Church Councils
The Risk Team understands that Church members are the experts of the day-to-day activities of their congregation, providing invaluable insight into the needs of your community. The Risk Team wants to work collaboratively to build a strong culture of risk management and safety where care for each other and protection the people and children of the Uniting Church is paramount.