Galexia
Home About Services Projects Research Contact
» home » services  
[Services]
[Client Login]

Access client and partner extranets (you will need to supply your login id and password)

[Extranet]
[Newsletter]

Subscribe to Galexia news and announcements.
More information »

[Your Email]

Galexia examines privacy laws surrounding data retention by search engines: The powerful search engines that respond to individuals' online queries for information have become an established presence in the online marketplace, offering an indispensable service to millions of users everyday. Find out more »

  Services



Galexia delivers specialist management consulting services. Galexia has expert consultants in privacy, authentication, electronic commerce and new technology. We leverage our legal, business and technical knowledge to deliver successful business strategies to a diverse range of clients.



Summary

Galexia works closely with clients to identify and resolve legal and strategic issues in projects that raise privacy, security, identification or authentication issues. We help a diverse range of business and government clients to understand their legal, regulatory and best practice requirements, and to develop compliance tools and manage stakeholder consultation.

Galexia has an up to date understanding of identification and authentication technology and strategies. Our team has expertise in law, policy, technology and public relations. We have a wealth of experience in conducting and participating in industry and consumer consultations, and in delivering briefings at CEO, Board and Ministerial levels.

Galexia’s team has skills in public relations, clear communication and in dealing with the media as part of the consultation and presentation of project outcomes.

We think strategically and then propose and critically assess solutions, rather than simply inform clients in a legalistic and mechanical way.

Galexia has an excellent track record in working closely with clients to develop appropriate project methodologies and deliver quality project outcomes, based on best practice management systems and high quality infrastructure and support. We take an open, transparent and collaborative approach. We make project materials available via our secure extranet so that clients have the opportunity to collaborate in the project.

Galexia is a Commonwealth Government Endorsed Supplier and has full professional indemnity insurance and public liability insurance.



Galexia delivers specialist management consulting services to our clients. Our services include:



Self-regulation and Codes of Conduct

Galexia delivers strategic advice on industry self-regulation and codes of conduct.



Galexia provides advice on a range of best practice regulation, including industry self-regulation, co-regulation, and codes of conduct. We understand that different regulatory models suit different applications, and advise on the most appropriate model for a given context.

Our legal and technological expertise spans electronic commerce, privacy, identity, authentication, and consumer protection, across a range of industries. We are in a unique position to balance regulatory and best practice requirements with business needs and stakeholder or consumer concerns.

 

Related projects

Case studies and research

Recent news and updates

 




Identity Management and Authentication - Strategic Consulting

Galexia delivers advice on the complex technologies and applications of identity management and authentication.



Galexia has expertise in identity management and delivering electronic authentication advice.

Galexia’s expertise on identity management includes consideration of the policy context as well as technical design issues, legal compliance, political considerations and community attitudes. Our background in law, technology and public relations makes Galexia uniquely suited to delivering strategic advice on identity management.

Our consultations in authentication involve identifying and analysing the current legal and regulatory framework for the use of electronic authentication, with a particular focus on identifying obstacles to progress, and making recommendations for how such obstacles can be overcome.

Our technical background in both these areas gives us a unique understanding of the inner workings of electronic authentication and identity management technologies and ensures that we provide accurate and detailed advice and analysis in both of these areas.

Galexia is also a member of the Australian Government Information Management Office (AGIMO) Identity Management and Authentication Consultancy Services Panel, specifically in the areas of identity and access management, as well as authentication.

 

Related Projects

Case Studies and additional research

  • Dept of Health and Ageing - The Commonwealth Department of Health and the Ageing commissioned Galexia to produce a strategic issues paper on a "National Health Identifier". The project involved national and international research, consultation with government and non-government stakeholders and the development of findings and recommendations. Read more »
  • AGIMO - IMAGE - Galexia has completed a project with the Australian Government Information Management Office (AGIMO) to conduct a Privacy Impact Assessment (PIA) and develop a Privacy Management Strategy (PMS) for the Identity Management for Government Employees (IMAGE) Framework. The framework provides infrastructure, protocols, policy and work practices that will allow government agencies to efficiently manage the identities of their employees and contractors. Read more »
  • Law Society of NSW - Galexia won a competitive tender to develop policies, procedures and documents for a pilot of the Law Society’s digital credentials. Galexia’s role is to ensure that policies are compatible with current best practices in PKI and the proposed Gatekeeper reforms. Read more »
  • AGIMO - AGAFI - Galexia won a competitive tender to work with the Department of Finance and Administration to conduct consultancy services for the Australian Government e-Authentication Framework for Individuals (AGAFI). The project will involve the provision of strategic advice, and the provision of a Privacy Impact Assessment (PIA) and Privacy Management Strategy (PMS) documentation for publication. Read more »
  • AGIMO - Gatekeeper - Galexia provided consultancy services to the Department of Finance and Administration (now the Department of Finance and Deregulation) to undertake consultancy services relating to the Gatekeeper Public Key Infrastructure (PKI) Framework. The Gatekeeper Strategy governs the use of PKI in government for the authentication of external clients. The strategy provides a whole-of-government framework that delivers integrity, interoperability, authenticity and trust for agencies and their clients. The strategy is underpinned by a standards-based, technology-neutral accreditation program for issuers of digital certificates. Read more »
  • ANTA - Galexia completed a discussion paper for the Australian National Training Authority on legal and regulatory issues in electronic authentication in the Vocational Education and Training sector. The paper includes a chapter on the legal and regulatory framework, including a lengthy summary of all applicable law, plus a detailed chapter on specific legal issues raised by the use of electronic authentication in the education sector. Galexia continues to provide strategic advice to ANTA as they develop their electronic authentication strategy. Read more »
  • ABN-DSC - Galexia prepared a report for NOIE on issues in the use and cross recognition of Australian Business Number Digital Signature Certificates (ABN-DSC). This project included detailed analysis and comparison of all the ABN-DSC Certificate Policies, Certification Practice Statement s and subscriber agreements available in Australia, and an analysis of international developments.
  • Research and publications - Galexia publishes detailed private and public research on privacy, authentication and electronic commerce issues. Read more »

Recent news and updates

 




Identity Management and Authentication - Technical Consulting

Galexia has expertise in identity management technical architecture and implementation, including strategy, business and technical requirements, architecture and design.



Galexia has specialist consultants in the architecture of distributed identity solutions, including authentication, authorisation, accounting, auditing, single sign-on, federation, provisioning, synchronisation, public key infrastructure and emerging user-centric (Identity 2.0) approaches.

Galexia has provided technical consulting services to large-scale identity management architecture projects for customers including Vodafone, Telstra, Hutchison Telecommunications, the Australian Taxation Office, the Roads and Traffic Authority NSW, Education Queensland, Rail Corporation of NSW and AMP. The combined user population of the identity management systems that Galexia has provided advice on is in the tens of millions.

Galexia is also a member of the Australian Government Information Management Office (AGIMO) Identity Management and Authentication Consultancy Services Panel, specifically in the areas of identity and access management and authentication, as well as PKI.

 

Related Projects

Case Studies and additional research

  • Vodafone - Galexia (with partners, including Sun Microsystems Australia) assisted in the design and delivery of a telco-grade identity management and access control solution for Vodafone Australia. Read more »
  • Singapore iDA - The Infocomm Development Authority of Singapore (iDA) is also spearheading a National Authentication Framework (NAF) programme under their 10 year Intelligent Nation Masterplan. Galexia was chosen as part of a consortium (also including KPMG, Baker & McKenzie.Wong & Leow and Biometix) to drive and guide the establishment of the NAF. Read more »

Recent news and updates

 




Specialised Legal and Regulatory Consulting

Galexia delivers detailed legal and regulatory analysis with a strategic perspective.



Our extensive legal background and our understanding of the impact of new technology on business processes allow us to deliver detailed and up to date legal and regulatory analysis. The task of interpreting legislation and regulations which have an impact on new technology products and services is one of Galexia’s core areas of expertise.

Galexia is particularly adept at performing this task in situations where more than one law or standard applies. We are able to develop compliance cross reference tables matching key administrative tasks and processes against all compliance requirements. We also possess the expertise to use these tables in developing plain language, well structured policy, process and guideline documentation.

Galexia has provided advice in every Australian jurisdiction, Hong Kong, Japan, Korea, New Zealand, Taiwan, the United States and all Member Countries of ASEAN (Brunei Darussalam, Cambodia, Indonesia, Laos, Malaysia, Myanmar, Philippines, Singapore, Thailand and Vietnam).

Galexia staff and associates continue to publish up-to-date articles on all aspects of electronic commerce law, and we provide online teaching materials for Cyberspace Law and Electronic Commerce Law courses at the University of NSW.

 

Related Projects

Case Studies and additional research

  • ASEAN - Galexia partnered with global law firm Baker & McKenzie to develop and implement a harmonised legal infrastructure for electronic commerce in ASEAN (Association of South East Asian Nations: Brunei Darussalam, Cambodia, Indonesia, Laos, Malaysia, Myanmar, Philippines, Singapore, Thailand and Vietnam). Read more »
  • ANTA - Galexia completed a discussion paper for the Australian National Training Authority (ANTA) on legal and regulatory issues in electronic authentication in the Vocational Education and Training sector. The paper includes a chapter on the legal and regulatory framework, including a lengthy summary of all applicable law, plus a detailed chapter on specific legal issues raised by the use of electronic authentication in the education sector. Galexia continues to provide strategic advice to ANTA as they develop their electronic authentication strategy. Read more »
  • Level 3 - Galexia worked with Baker & McKenzie to deliver a Privacy Impact Assessment (PIA) and develop advice on web site privacy policies, US Safe Harbour arrangements, the implications of the EU Data Protection Directive, and data retention rules. Read more »
  • UNSW - Digital Document Retention Research - Galexia provided research and advice on legal and strategic issues in Digital Document Retention. This included detailed Australian and international research. Read more »
  • Research and publications - Galexia publishes detailed private and public research on privacy, authentication and electronic commerce issues. Read more »

Recent news and updates

 




Issues Management: Public and Stakeholder Consultations

Our team has a wealth of experience in conducting and participating in industry and consumer consultations and workshops, and in delivering briefings at CEO, Board and Ministerial levels.



While we have our own extensive network of contacts we also work closely with clients to assist in the consultation process. We are experienced in managing stakeholder liaison and providing stakeholder services such as conducting workshops, stakeholder correspondence, media analysis and advice on the media response.

Galexia’s team also have experience in public relations, clear communication and in developing documentation such as media kits, Frequently Asked Questions, fact sheets, discussion papers and workshop information packs.

 

Related Projects

Case Studies and additional research

  • ANTA - Galexia completed a discussion paper for the Australian National Training Authority on legal and regulatory issues in electronic authentication in the Vocational Education and Training sector. Galexia continues to provide strategic advice to ANTA as they develop their electronic authentication strategy, and has conducted stakeholder consultations and a national workshop to help promote the strategy. Read more »
  • Queensland Transport - Galexia provided strategic advice and privacy compliance advice regarding the upgrade of the Queensland Driver Licence. Read more »
  • AGIMO - AGAFI - Galexia won a competitive tender to work with the Department of Finance and Administration to conduct consultancy services for the Australian Government e-Authentication Framework for Individuals (AGAFI). The project will involve the provision of strategic advice, and the provision of a Privacy Impact Assessment (PIA) and Privacy Management Strategy (PMS) documentation for publication. Read more »
  • Dept of Health and Ageing - The Commonwealth Department of Health and the Ageing commissioned Galexia to produce a strategic issues paper on a ‘National Health Identifier’. The project involved national and international research, consultation with government and non-government stakeholders and the development of findings and recommendations. Read more »
  • Research and publications - Galexia publishes detailed private and public research on privacy, authentication and electronic commerce issues. Read more »

Recent news and updates

 




Strategic Privacy Consulting

Galexia has expertise and experience in privacy compliance throughout the Asia Pacific region.



We integrate our privacy products and services with business process, software development and technology implementation project lifecycles. Our projects have involved large-scale and technically complex applications. Typically in these projects, getting the privacy right is a core business requirement.

Our privacy consulting focus is on compliance advice and compliance strategies for organisations in Australia and the Asia Pacific. We have direct experience of privacy compliance issues in Australia, Hong Kong, Japan, Korea, New Zealand, Taiwan and the United States.

Galexia is also a member of the Australian Government Information Management Office (AGIMO) Identity Management and Authentication Consultancy Services Panel specifically in the area of privacy.

 

Related Projects

Case Studies and additional research

  • NOIE/OFPC - Galexia completed a discussion paper for the National Office for the Information Economy and the Office of the Federal Privacy Commissioner on privacy issues arising from the use of Gatekeeper digital certificates. Read more »
  • AGIMO - IMAGE - Galexia has completed a project with the Australian Government Information Management Office (AGIMO) to conduct a Privacy Impact Assessment (PIA) and develop a Privacy Management Strategy (PMS) for the Identity Management for Government Employees (IMAGE) Framework. The framework provides infrastructure, protocols, policy and work practices that will allow government agencies to efficiently manage the identities of their employees and contractors. Read more »
  • Biometrics and Privacy - Galexia has provided strategic privacy advice to a major government agency on the design and implementation of biometric identity solutions.
  • CSIRO - Galexia was engaged by the CSIRO to analyse privacy and trust issues in the use of health data in research and in applications in clinical settings. This analysis considers new technology products in the identity management and authentication space, including strategic advice on the commercialisation of products developed by CSIRO -- for example, Privacy Preserving Analytics (PPA). Read more »
  • NEHTA - The National E-Health Transition Authority (NEHTA) asked Galexia to contribute the development of a secure, interoperable e-health environment in Australia. The project involves the development of two different types of healthcare identifiers. As such, Galexia’s primary role is the development of two preliminary Privacy Impact Assessments (PIAs) to examine and document potential privacy concerns. Read more »
  • Dept of Health and Ageing - The Commonwealth Department of Health and the Ageing commissioned Galexia to produce a strategic issues paper on a "National Health Identifier". The project involved national and international research, consultation with government and non-government stakeholders and the development of findings and recommendations. Read more »
  • Queensland Transport - Galexia provided strategic advice and privacy compliance advice regarding the upgrade of the Queensland Driver Licence, which includes a Privacy Impact Assessment (PIA) and a Privacy Management Strategy (PMS). Read more »
  • Research and publications - Galexia publishes detailed private and public research on privacy, authentication and electronic commerce issues. Read more »

Recent news and updates

 




Privacy Management Lifecycle: Our Privacy Products and Services

The management of privacy issues is a recognised (and maturing) compliance task. Galexia has developed a range of tools to assist in privacy management.



Clients may wish us to be involved in a single aspect of privacy management, ask us to be involved in the privacy management of a whole project, or seek our advice on a regular basis.

Our services and tools include:

Design

Privacy Impact Assessment (PIA)

This assessment identifies privacy issues in specific sectors or applications. A PIA process is particularly useful in implementations of new technology or new processes. By using the PIA tool at the design stage of an implementation organisations can avoid privacy errors and the costs of rectification at later stages.

A sample PIA engagement: How we work with our clients

Galexia has a project management focus. We work closely with our clients and partners to co-manage the delivery of complex and quality project outcomes on time. We take an open, transparent and collaborative approach. We make the Extranet that our consultants use available for our clients to monitor and participate in the project.

  • Step 1: Initial scoping discussion
  • Step 2: Identification of key stakeholders
  • Step 3: Confirmation of project plan
  • Step 4: Consideration of technical issues
  • Step 5: Collection of documentation
  • Step 6: Diagram showing key data flows
  • Step 7: Review of privacy regulations
  • Step 8: Review of other jurisdictions
  • Step 9: Consultation with key stakeholders
  • Step 10: Review of collected material
  • Step 11: Production of draft PIA
  • Step 12: Consultation on draft
  • Step 13: Presentation of final PIA

Galexia's Intelligence Report on Privacy Impact Assessments »

Contact Galexia for more information »



Privacy Management Strategy (PMS)

This tool is used to develop and implement a risk management strategy and practical action plan. Each privacy issue is allocated a response and action is delegated to individuals or organisations. The PMS includes a compliance timetable.

Case Studies and additional research

  • Queensland Transport - Galexia is providing strategic advice and privacy compliance advice regarding the upgrade of the Queensland Driver Licence, which includes a Privacy Impact Assessment (PIA) and a Privacy Management Strategy (PMS). Read more »




Privacy Risk Management

Public and stakeholder consultations on the chosen strategy are often as important as ensuring technical compliance. Effective consultation can help identify and manage key privacy risks.




Solution Implementation

Privacy Oversight Committee

This tool is used to develop a governance structure to oversee privacy issues arising throughout the life of the implementation. Some privacy issues may not be ascertained at the design stage so reviews and audits under the direction of an oversight committee are often necessary.


Documentation

We assist clients to develop documentation which addresses identified privacy concerns, including privacy manuals, web site privacy policies, integration with existing policy and procedure documents, and customer consent forms.


Training and education

We develop content for and present educational materials and training workshops for staff and key service providers to ensure that the client’s entire business is privacy aware.




Ongoing

Outsourced Chief Privacy Officer (CPO)

The Chief Privacy Officer is responsible for managing privacy compliance within an organisation over time as processes and regulations change. This responsibility may fall within an existing role, or may give rise to a new role. We can advise the client in relation to the structuring of that role in-house and provide assistance to that role, or it may prove more cost effective to outsource that role to us.


Assist in-house Chief Privacy Officer (CPO)

We can provide advice and assistance to an in-house CPO on a retainer or ad-hoc basis. Assistance can include handling complaints and inquiries, providing updates on legal and regulatory developments, and helping meet reporting requirements.


Monitoring - Privacy audit

Reviewing the effective adoption and use of complying processes and documentation on a regular basis (including by independent audit) is a useful tool in identifying and managing privacy risks. It also raises public confidence in the management of privacy, particularly in new technology projects. This process is targeted at identifying and dealing with problems before complaints or claims are received.

 

Related Projects

Case studies and additional research

Recent news and updates

 




[up to services]

 
Search
PrintVersion
Sitemap
Manage email subscriptions

[Latest News]

November 2008
Forthcoming - Privacy in consumer credit reporting. Read more »

November 2008
The ALRC recommendations for Cross Border Transfers. Read more »

October 2008
CHOICE publishes Galexia report on consumer protection in the telecommunications industry. Read more »

view all news items »

[Home] [Sitemap] [Print this page] [Privacy statement]

© Galexia Pty Ltd
Suite 95, Jones Bay Wharf, 26-32 Pirrama Road, Pyrmont (Sydney) NSW 2009, Australia
Telephone: +61 (02) 9660 1111 | Facsimile: +61 (02) 9660 7611
Email: consult@galexia.com