Guidance to build trust in design
Ensure security measures are up to date
Prioritise service security measures and have processes in place to ensure that they are efficient and current. Use methods or tools such as:
- Conduct regular and comprehensive security audits to identify vulnerabilities in the digital service. This includes penetration testing and assessments to keep security measures robust and up to date.
- Regularly update software, hardware and security protocols to protect against new and emerging threats. This includes prompt application of patches, updates and security fixes.
- Implement ongoing security training for staff on best practices, including recognising phishing attempts and securely handling sensitive data.
- Establish and regularly update an incident response plan to prepare for potential security breaches. Outline steps for detecting security incidents, responding to them and recovering.
Establish processes for preventing misinformation
Prioritise the accuracy of information provided. Put processes in place for regular checks and updates. Use methods or tools such as:
- Establish clear guidelines for content moderation to prevent misinformation. This includes procedures for reviewing and verifying information before it is published.
- Implement reporting mechanisms so users can flag misinformation or content they believe is inaccurate. This encourages user engagement and helps maintain the integrity of information provided.
- Maintain processes for regular content updates and corrections when information inaccuracies are identified. Transparent correction processes build trust.
Ensure the service is resilient against cyber threats
Have processes in place to make sure the service is resilient and updated against current and imminent cyber threats. Use methods or tools such as:
- Implement a layered security strategy that includes firewalls, intrusion detection systems and encryption to create multiple barriers against cyber threats.
- Develop and test disaster recovery and business continuity plans to ensure the service can recover quickly from cyber incidents, including data breaches or denial-of-service attacks.
- Continuously monitor and assess emerging cyber threats. This involves subscribing to threat intelligence services and keeping abreast of industry developments.
- Educate users about cybersecurity best practices, such as using strong passwords and recognising phishing attempts. An informed user base enhances overall security.
Document your findings
Document your findings and recommendations to apply criterion 5:
- Ensure timely updates of software and hardware to protect against the latest threats and implement ongoing training programs for staff on security best practices.
- Establish and regularly update an incident response plan outlining procedures for handling security breaches.
- Create guidelines for content moderation to prevent misinformation.
- Make sure the data is collected and documented in a centralised knowledge repository.
Links
- Protect yourself | Cyber.gov.au
- Cyber Security | Australian Signals Directorate (asd.gov.au)
- Information security | Protective Security Policy Framework
- Preventing data breaches: advice from the Australian Cyber Security Centre | OAIC
- Update your devices | vic.gov.au (www.vic.gov.au)
- Cyber incident management plan | vic.gov.au (www.vic.gov.au)
- Cyber Security | Australian National Audit Office (ANAO)
- ACSC Emergency Response Guide (cyber.gov.au)
- Cyber Security Incident Response Planning: Practitioner Guidance | Cyber.gov.au
‘Build once, use many times’
Apply reuse in decision-making: Use the Australian Government Architecture to understand the tools, capabilities, policies and standards for building government services. Identify and document how they are applied in decision-making.
Apply learnings from predecessors: Reach out to teams and agencies for their experiences and lessons from creating similar services, and for how to apply them to other services.
Design for a common, seamless experience
Adopt open standards where appropriate: Consider how reuse and open standards can support other services across government. Where appropriate, design and build with them to bring the service to more platforms, improve data sharing capability, prevent vendor lock-in and create familiarity for users.
Reuse data where possible
Review existing data: Review the data already collected and how it can be reused in the service. Where appropriate, consider whether safe, ethical data-sharing arrangements under the Data Availability and Transparency Act Scheme can be employed. Actions to leverage ethical, data-driven decision making can be found in Criterion 5 (‘Build Trust in Design’) and Criterion 7 (‘Do No Harm’).
Guidance to not reinvent the wheel
Apply criterion 6 of the Service Standard: Don’t reinvent the wheel
To meet criterion 6 of the Digital Service Standard, refer to the Digital Access Standard. The Digital Access Standard is an extension of criterion 6 of the Digital Service Standard.
Protects users’ digital rights
Uphold digital rights: Consider how the service might impact the digital rights of users. Build with pre-emptive measures in mind, such as net neutrality, access to information without censorship and freedom of online assembly. Identify users facing greater personal risks and make sure they’re provided with the means to access, communicate and contest the service transparently or anonymously. If rights are breached, move quickly to implement changes that prevent future harm.
Consider flow-on effects: Consider the implications of the service beyond its immediate impacts. Workshop environmental, economic or social impacts and undertake scenario planning to explore unforeseen issues and opportunities.
Understand privacy impacts
Undertake a Privacy Impact Assessment: Undertake a Privacy Impact Assessment to capture issues. Mitigate unwarranted and unauthorised surveillance, data collection and malicious data breaches and share these actions with users.
Obtain consent: Where required, seek and obtain informed consent from users prior to collecting, storing or disclosing any of their data. Consider opt-out options and build the service to require as little user data as possible.
Be transparent: Communicate how data will be used or may be used in the future at the time of consent. This includes how it may be shared with other people or between services and secondary or less obvious uses.
Understand the limits of data
Use data ethically: Data should only be collected and used for the stated purpose that the user agrees to. Account for how data models, datasets and algorithms may produce discriminatory results and provide transparent detail to users on how decisions and calculations are made. Before sharing data, apply the DATA Scheme’s Data Sharing Principles to help assess whether it would be safe to do so.
Use qualitative and quantitative data: Quantitative data, which is numeric or measurable, helps us understand what is happening on a service. Qualitative data, which is descriptive or observable, helps us understand why. Use both to fully understand the story and match any correlation with a provable causation. Do this before making important decisions.
Guidance to do no harm
Undertake privacy impact assessments and plan to address findings
Regularly undertake privacy impact assessments and plan to incorporate these service improvements. Use methods or tools such as:
- Develop a standardised framework for conducting privacy impact assessments. The framework should outline the steps to identify and assess privacy risks associated with new projects or services.
- Involve relevant stakeholders, including legal, compliance, IT and user representatives, in the privacy impact assessment process. This can help identify potential privacy risks and ensure assessments are comprehensive.
- Establish processes for ongoing monitoring of privacy impacts as the service evolves. Regularly review and update the assessment to reflect changes in data practices, technology, or regulations.
- Map out how data will be collected, processed, stored, and shared throughout the service lifecycle. Understanding these data flows is crucial to identifying potential privacy impacts.
Collect, store and use data in a considered way
Collect, store and use data ethically. Embed these methods into your ongoing processes and clearly communicate to users how their data is stored and used:
- Adopt a data minimisation principle and only collect and store data that’s necessary for the service's functionality. This limits exposure to privacy risks.
- Evaluate the quality of the data collected. Ensure that data is accurate, relevant and up to date to avoid misinterpretations and misuse.
- Establish clear data retention policies that outline how long the data will be stored and the criteria for data deletion. This prevents unnecessary accumulation of data over time.
- Implement role-based access controls to limit access to sensitive data. This reduces the risk of unauthorised access and enhances data security.
- Establish and publish ethical guidelines regarding the collection, use and sharing of data. These guidelines should prioritise user privacy and consent.
- Conduct regular audits of data collection and usage practices to comply with ethical guidelines and regulations.
- Develop clear and concise privacy notices so users know how their data is collected, used and shared. Ensure these notices are accessible, and easy to access and understand.
Document your findings
Document your findings and recommendations to apply criterion 7:
- Clearly document privacy risks, potential impacts and mitigation recommendations.
- Create actionable plans to address risks, including technical controls and policy revisions. Establish ongoing monitoring to update assessments as the service evolves.
- Map the data lifecycle, including collection, processing, storage and sharing, to identify potential privacy issues.
- Make sure the data is collected and documented in a centralised knowledge repository.
- Thoroughly document findings of the privacy impact assessment, including identified risks, potential impacts on user privacy, and recommendations for mitigating those risks.
- Create action plans to address findings of the privacy impact assessment. This includes implementing specific technical controls, revising policies, or enhancing user communications regarding data practices.
Links
- Privacy impact assessment tool | OAIC
- Step-by-step guide to Privacy Impact Assessments | Office of the Information Commissioner Queensland (oic.qld.gov.au)
- Privacy impact assessments – Office of the Victorian Information Commissioner (ovic.vic.gov.au)
- Privacy Impact Assessment Guide – Office of the Victorian Information Commissioner (ovic.vic.gov.au)
- Undertaking a Privacy Impact Assessment | Office of the Information Commissioner Queensland (oic.qld.gov.au)
- Retaining, managing and disposing of data and datasets | naa.gov.au
- Guide - Data Sharing and Privacy (nsw.gov.au)
- Securing customer personal data | Cyber.gov.au