Key messages

  • The Victorian Protective Data Security Framework was developed by the Office of the Victorian Information Commissioner.
  • Cemetery trusts are required to meet the Victorian Protective Data Security Standards.
  • Reporting against the Victorian Protective Data Security Standards is mandatory under the Privacy and Data Protection Act 2014.

The Victorian Information Commissioner has developed the Victorian Protective Data Security Framework (the Framework) as required under the Privacy and Data Protection Act 2014. The Framework prescribes mandatory requirements designed to protect data security across the Victorian public sector. In order to comply with the Framework, cemetery trusts are required to meet the Victorian Protective Data Security Standards.

All cemetery trusts are required to complete the Information Security Protective Data Security Plan Single Organisation Form and submit it to the Office of the Victorian Information Commissioner every two years (or sooner if there is a significant organisational change). The current reporting period ends on 31 August 2020.

More information is available on the Office of the Victorian Information Commissioner's website.

For guidance and support regarding protective data and security reporting obligations, contact the Office of the Victorian Information Commissioner at security@ovic.vic.gov.au.