New IPOLA resources and guidelines to kick off 2025

Resources

As Queensland public sector staff return from the summer break, OIC is releasing the first IPOLA resources and guidelines in 2025 to help agencies prepare for the upcoming reforms.

There is now a new IPOLA Resources page on our website including templates, checklists and other practical tools to support agencies on their IPOLA journey.

The first tranche of resources respond to stakeholder feedback that prioritised privacy impact assessment (PIA) tools to help agencies fully consider business changes, either from upcoming projects or the changes needed to implement IPOLA reforms. Three tools are now available:

• IPOLA Resource – PIA Risk Consideration Resource (PDF, 203.51 KB)
• IPOLA Resource – PIA Threshold Assessment Form (PDF, 536.51 KB)
• IPOLA Resource – PIA Report Template. (DOCX, 1271.9 KB)

Guidelines

OIC has also released two new IPOLA guidelines that focus on the mandatory notification of data breach scheme (MNDB):

• Assessing a data breach (PDF, 1320.83 KB)

This guideline details the matters to consider in the event of a data breach. It contains a visual flowchart summary   (PDF, 94.52 KB) of the data breach assessment process, that can also be accessed from the IPOLA Resources webpage.

• Data breaches and contracted service providers (PDF, 568.41 KB)

This guideline was developed in response to stakeholder feedback seeking further advice about how outsourced or contracted service provider relationships are impacted by the new MNDB requirements. It explores legislated requirements and contract terms, with scenarios to demonstrate key points.

OIC will continue to rollout new resources in 2025. Public sector staff are encouraged to subscribe to our weekly newsletter to keep up to date.