We conduct a privacy impact assessment (PIA) for any project that has a high privacy risk. This complies with the Privacy (Australian Government Agencies — Governance) APP Code 2017.
A project might have a high privacy risk if it could significantly affect a person's privacy.
During the assessment process, we:
- identify aspects of the project that could affect someone’s privacy
- find ways to manage, reduce or remove those any such impacts
- publish the assessment outcome on this page.
The Office of the Australian Information Commissioner provides more advice on conducting privacy impact assessments.
|Date of assessment||Subject of assessment||Outcome of assessment|
|June 2018||CASA aviation reference number web portal||No privacy impacts identified|
|30 April 2020||ACR transfer of ownership applications||Recommended revising privacy declaration|
|13 January 2021||Licence reprint requests||No additional risks identified|
|14 January 2021||Fireworks applications||Recommended revising privacy declaration|
|January 2021||AROC English language proficiency notifications||Recommended revising privacy declaration/consents|
|15 January 2021||Flight review notifications||Recommended revising privacy declaration/consents|
|15 January 2021||Flight review notifications||No additional treatments recommended|
|15 January 2021||Multiple functions||Recommended revising privacy declaration/consents|
|September 2021||One Model human resources analytics tool||Recommended treatments for risks identified in security risk management plan|
|November 2022||Arrangements for hosting CASA’s website on GovCMS platform||Various risk treatments recommended|