Commonwealth Data Protection Plan


Mooting in 2014, the Australian Government looks to strengthen data protection requirements for by requiring IT suppliers to provide a “Commonwealth Data Protection Plan” (CDPP).

The CDPP essentially describes how an agency would treat its data during the phases of its lifecycle. The data lifecycle typically entails:

  • Collection
  • Usage & Disclosure
  • Storage & Archival
  • Disposal & Destruction

It also looks to integrate with other data protection mechanisms like:

  • The ISM from
  • PSPF
  • Privacy Assessments from the Privacy Act
  • AML/CTF Laws
  • Archives Act
  • GDPR
  • Others…

Leave a Reply