Galexia
             home
       about us
        services
        projects
       research
          contact
» home » services  

Access client and partner extranets (you will need to supply your login id and password)

[Extranet]

Subscribe to Galexia news and announcements.
More information »

[Your Email]

Privacy Management Lifecycle: Our Privacy Products and Services: The management of privacy issues is a recognised (and maturing) compliance task. Galexia has developed a range of tools to assist in privacy management. Find out more »

  Services


[ Galexia Dots ]

Galexia delivers specialist management consulting services. Galexia has expert consultants in privacy, authentication, electronic commerce and new technology. We leverage our legal, business and technical knowledge to deliver successful business strategies to a diverse range of clients.


[ Galexia Dots ]

Summary

Galexia works closely with clients to identify and resolve legal and strategic issues in projects that raise privacy, security, identification or authentication issues. We help a diverse range of business and government clients to understand their legal, regulatory and best practice requirements, and to develop compliance tools and manage stakeholder consultation.

Galexia has an up to date understanding of identification and authentication technology and strategies. Our team has expertise in law, policy, technology and public relations. We have a wealth of experience in conducting and participating in industry and consumer consultations, and in delivering briefings at CEO, Board and Ministerial levels.

Galexia’s team has skills in public relations, clear communication and in dealing with the media as part of the consultation and presentation of project outcomes.

We think strategically and then propose and critically assess solutions, rather than simply inform clients in a legalistic and mechanical way.

Galexia has an excellent track record in working closely with clients to develop appropriate project methodologies and deliver quality project outcomes, based on best practice management systems and high quality infrastructure and support. We take an open, transparent and collaborative approach. We make project materials available via our secure extranet so that clients have the opportunity to collaborate in the project.


[ Galexia Dots ]

Galexia delivers specialist management consulting services to our clients. Our services include:


[ Galexia Dots ]

Identity Management and Authentication - Strategic Consulting

Galexia delivers advice on the complex technologies and applications of identity management and authentication.


[ Galexia Dots ]

Galexia has expertise in identity management and delivering electronic authentication advice.

Galexia’s expertise on identity management includes consideration of the policy context as well as technical design issues, legal compliance, political considerations and community attitudes. Our background in law, technology and public relations makes Galexia uniquely suited to delivering strategic advice on identity management.

Our consultations in authentication involve identifying and analysing the current legal and regulatory framework for the use of electronic authentication, with a particular focus on identifying obstacles to progress, and making recommendations for how such obstacles can be overcome.

Our technical background in both these areas gives us a unique understanding of the inner workings of electronic authentication and identity management technologies and ensures that we provide accurate and detailed advice and analysis in both of these areas.

Galexia is also a member of the Australian Government Information Management Office (AGIMO) Identity Management and Authentication Consultancy Services Panel, specifically in the areas of identity and access management, as well as authentication.

 

Related Projects

Case Studies and additional research

  • Dept of Health and Ageing - The Commonwealth Department of Health and the Ageing commissioned Galexia to produce a strategic issues paper on a "National Health Identifier". The project involved national and international research, consultation with government and non-government stakeholders and the development of findings and recommendations. Read more »
  • AGIMO - IMAGE - Galexia has completed a project with the Australian Government Information Management Office (AGIMO) to conduct a Privacy Impact Assessment (PIA) and develop a Privacy Management Strategy (PMS) for the Identity Management for Government Employees (IMAGE) Framework. The framework provides infrastructure, protocols, policy and work practices that will allow government agencies to efficiently manage the identities of their employees and contractors. Read more »
  • Law Society of NSW - Galexia won a competitive tender to develop policies, procedures and documents for a pilot of the Law Society’s digital credentials. Galexia’s role is to ensure that policies are compatible with current best practices in PKI and the proposed Gatekeeper reforms. Read more »
  • AGIMO - AGAFI - Galexia won a competitive tender to work with the Department of Finance and Administration to conduct consultancy services for the Australian Government e-Authentication Framework for Individuals (AGAFI). The project will involve the provision of strategic advice, and the provision of a Privacy Impact Assessment (PIA) and Privacy Management Strategy (PMS) documentation for publication. Read more »
  • AGIMO - Gatekeeper - Galexia provided consultancy services to the Department of Finance and Administration (now the Department of Finance and Deregulation) to undertake consultancy services relating to the Gatekeeper Public Key Infrastructure (PKI) Framework. The Gatekeeper Strategy governs the use of PKI in government for the authentication of external clients. The strategy provides a whole-of-government framework that delivers integrity, interoperability, authenticity and trust for agencies and their clients. The strategy is underpinned by a standards-based, technology-neutral accreditation program for issuers of digital certificates. Read more »
  • ANTA - Galexia completed a discussion paper for the Australian National Training Authority on legal and regulatory issues in electronic authentication in the Vocational Education and Training sector. The paper includes a chapter on the legal and regulatory framework, including a lengthy summary of all applicable law, plus a detailed chapter on specific legal issues raised by the use of electronic authentication in the education sector. Galexia continues to provide strategic advice to ANTA as they develop their electronic authentication strategy. Read more »
  • ABN-DSC - Galexia prepared a report for NOIE on issues in the use and cross recognition of Australian Business Number Digital Signature Certificates (ABN-DSC). This project included detailed analysis and comparison of all the ABN-DSC Certificate Policies, Certification Practice Statement s and subscriber agreements available in Australia, and an analysis of international developments.

Recent news and updates

 


[ Galexia Dots ]


Identity Management and Authentication - Technical Consulting

Galexia has expertise in identity management technical architecture and implementation, including strategy, business and technical requirements, architecture and design.


[ Galexia Dots ]

Identity and Access Management

Galexia has an excellent understanding of Identity and Access Management. Galexia is a trusted advisor partner on a wide number of high-level strategic and architectural aspects in identity management projects.

Galexia can provide:

  • Stakeholder consultation and business, requirements and risk analysis;
  • Technology evaluation to choose relevant products and vendors, based on wide experience;
  • Strategy, architecture and design supported by detailed technical knowledge and best practices;
  • Planning for deployment;
  • Useful, realistic and respected consulting advice;
  • Open communication;
  • Delivery of professional and high quality outputs and outcomes;
  • A depth of technical, business and legal knowledge and experience.

Galexia has specialised in the architecture of distributed identity solutions, including authentication, authorisation, accounting, auditing, single sign-on, federation, provisioning, synchronisation, public key infrastructure and emerging user-centric (Identity 2.0) approaches.

Galexia has provided senior consulting services to large-scale identity management architecture projects for customers including Australian Government Online Service Point (AGOSP) Authentication Team, Vodafone, Telstra, Bigpond, Sensis, Foxtel, the Australian Taxation Office, the Roads and Traffic Authority NSW and Singapore Government.

The combined user population of the identity management systems Galexia has designed is in the tens of millions.

Galexia’s Identity and Access Management (IAM) Strategy Process and Product Evaluation Matrix

Phase 1: Engage

In this phase, the client and Galexia agree on the project scope and timetable, establish communication and collaboration mechanisms, and decide on reporting requirements.

Phase 2: Identify

This phase focuses on identifying relevant inputs via stakeholder consultations and collection of other relevant materials.

Phase 3: Analyse

In this phase, Galexia develops analysis and advice in a number of key documents:

  • 1: Business Requirements, based on analysis of materials collected in the Discovery phase;
  • 2: Technology Evaluation, comparing a number of vendor offerings across metrics relevant to the identified requirements; and
  • 3: Identity and Access Management (IAM) Strategy, a technology-neutral document setting out a broad vision, identifying key requirements and goals, and presenting a high-level architecture.

Phase 4: Plan

Based on the recommendations and outcomes of the analysis, Galexia will assist in the planning for implementation, including a:

  • Broad, Implementation Roadmap; and
  • More specific Implementation Proposal with a design and scope for proceeding with implementation activities.

 

Related Projects

Case Studies and additional research

  • Major International Financial Institution - Galexia acted for an international financial institution as independent experts to assist their development of identity management - analysing and prioritising business needs, performing a detailed evaluation of available solutions, designing an identity strategy and governance framework, and providing a roadmap for roll-out and implementation. This comprehensive high-level process enabled the client to proceed with confidence, understanding and ownership in their identity management solution. Read more »
  • Australian Government Information Management Office (AGIMO) - Galexia is architecting and designing the identity component of the Australian Government Online Service Point (AGOSP) project, which will provide a single-access portal interface for all Australian Government services to citizens. This work includes facilitation in cross-agency requirements workshops, participation in the consortium architecture group and liaison with OASIS and Liberty standards representatives to ensure that the architecture and design meets international best practices and standards - now and into the future. Galexia has presented the complete design and implementation has commenced. Currently, Galexia is advising the implementation team on design and technical issues on an ongoing basis. Read more »
  • Vodafone - Galexia (with partners, including Sun Microsystems Australia) assisted in the design and delivery of a telco-grade identity management and access control solution for Vodafone Australia. Read more »
  • Singapore iDA - The Infocomm Development Authority of Singapore (iDA) is also spearheading a National Authentication Framework (NAF) programme under their 10 year Intelligent Nation Masterplan. Galexia was chosen as part of a consortium (also including KPMG, Baker & McKenzie.Wong & Leow and Biometix) to drive and guide the establishment of the NAF. Read more »

Recent news and updates

 


[ Galexia Dots ]


Strategic Privacy Consulting

Galexia has expertise and experience in privacy compliance throughout the Asia Pacific region.


[ Galexia Dots ]

We integrate our privacy products and services with business process, software development and technology implementation project lifecycles. Our projects have involved large-scale and technically complex applications. Typically in these projects, getting the privacy right is a core business requirement.

Our privacy consulting focus is on compliance advice and compliance strategies for organisations in Australia and the Asia Pacific. We have direct experience of privacy compliance issues in Australia, Hong Kong, Japan, Korea, New Zealand, Taiwan and the United States.

Galexia is also a member of the Australian Government Information Management Office (AGIMO) Identity Management and Authentication Consultancy Services Panel specifically in the area of privacy.

 

Related Projects

Case Studies and additional research

  • Defence - Galexia provided initial privacy advice to the Department of Defence for their Identity Management Project. Read more »
  • Fidelity - Galexia provided regional privacy advice to the investment firm Fidelity International for their operations in the Asia-Pacific region, including a privacy compliance report, briefing notes on key privacy issues, and a regional privacy strategy. Read more »
  • New South Wales Roads and Traffic Authority - Galexia conducted a Privacy Impact Assessment (PIA) for the NSW Roads and Traffic Authority, covering the RTA’s potential participation in the national Document Verification Service. Read more »
  • Veda Advantage - Galexia was commissioned to prepare an independent submission to the Australian Law Reform Commission’s review of Australian privacy laws. The report analysed the privacy implications of credit reporting. Read more »
  • Asia-Pacific Region at the Privacy Crossroads - This article examines recent trends and developments in Asia-Pacific privacy laws, and the benefits and risks of the region pursuing either of the two leading privacy models - comprehensive privacy legislation as exists in the European Union, or business-driven self-regulation as proposed under the APEC Privacy Framework. Read more »
  • Privacy breach sanctions in the Asia-Pacific region - This article summarises the sanctions available for privacy breaches in Australia, Hong Kong, Japan, Korea, and Taiwan. Read more »

Recent news and updates

 


[ Galexia Dots ]


Privacy Management Lifecycle: Our Privacy Products and Services

The management of privacy issues is a recognised (and maturing) compliance task. Galexia has developed a range of tools to assist in privacy management.


[ Galexia Dots ]

Clients may wish us to be involved in a single aspect of privacy management, ask us to be involved in the privacy management of a whole project, or seek our advice on a regular basis.

Our services and tools include:

Design

Privacy Impact Assessment (PIA)

This assessment identifies privacy issues in specific sectors or applications. A PIA process is particularly useful in implementations of new technology or new processes. By using the PIA tool at the design stage of an implementation organisations can avoid privacy errors and the costs of rectification at later stages.

A sample PIA engagement: How we work with our clients

Galexia has a project management focus. We work closely with our clients and partners to co-manage the delivery of complex and quality project outcomes on time. We take an open, transparent and collaborative approach. We make the Extranet that our consultants use available for our clients to monitor and participate in the project.

  • Step 1: Initial scoping discussion
  • Step 2: Identification of key stakeholders
  • Step 3: Confirmation of project plan
  • Step 4: Consideration of technical issues
  • Step 5: Collection of documentation
  • Step 6: Diagram showing key data flows
  • Step 7: Review of privacy regulations
  • Step 8: Review of other jurisdictions
  • Step 9: Consultation with key stakeholders
  • Step 10: Review of collected material
  • Step 11: Production of draft PIA
  • Step 12: Consultation on draft
  • Step 13: Presentation of final PIA

Galexia's Intelligence Report on Privacy Impact Assessments »

Contact Galexia for more information »

Privacy Management Strategy (PMS)

This tool is used to develop and implement a risk management strategy and practical action plan. Each privacy issue is allocated a response and action is delegated to individuals or organisations. The PMS includes a compliance timetable.


Privacy Risk Management

Public and stakeholder consultations on the chosen strategy are often as important as ensuring technical compliance. Effective consultation can help identify and manage key privacy risks.



[ Galexia Dots ]

Solution Implementation

Privacy Oversight Committee

This tool is used to develop a governance structure to oversee privacy issues arising throughout the life of the implementation. Some privacy issues may not be ascertained at the design stage so reviews and audits under the direction of an oversight committee are often necessary.


Documentation

We assist clients to develop documentation which addresses identified privacy concerns, including privacy manuals, web site privacy policies, integration with existing policy and procedure documents, and customer consent forms.


Training and education

We develop content for and present educational materials and training workshops for staff and key service providers to ensure that the client’s entire business is privacy aware.



[ Galexia Dots ]

Ongoing

Outsourced Chief Privacy Officer (CPO)

The Chief Privacy Officer is responsible for managing privacy compliance within an organisation over time as processes and regulations change. This responsibility may fall within an existing role, or may give rise to a new role. We can advise the client in relation to the structuring of that role in-house and provide assistance to that role, or it may prove more cost effective to outsource that role to us.


Assist in-house Chief Privacy Officer (CPO)

We can provide advice and assistance to an in-house CPO on a retainer or ad-hoc basis. Assistance can include handling complaints and inquiries, providing updates on legal and regulatory developments, and helping meet reporting requirements.


Monitoring - Privacy audit

Reviewing the effective adoption and use of complying processes and documentation on a regular basis (including by independent audit) is a useful tool in identifying and managing privacy risks. It also raises public confidence in the management of privacy, particularly in new technology projects. This process is targeted at identifying and dealing with problems before complaints or claims are received.

 

Related Projects

Case studies and additional research

  • Defence - Galexia provided initial privacy advice to the Department of Defence for their Identity Management Project. Read more »
  • Fidelity - Galexia provided regional privacy advice to the investment firm Fidelity International for their operations in the Asia-Pacific region, including a privacy compliance report, briefing notes on key privacy issues, and a regional privacy strategy. Read more »
  • New South Wales Roads and Traffic Authority - Galexia conducted a Privacy Impact Assessment (PIA) for the NSW Roads and Traffic Authority, covering the RTA’s potential participation in the national Document Verification Service. Read more »

Recent news and updates

 


[ Galexia Dots ]


Specialised Legal and Regulatory Consulting

Galexia delivers detailed legal and regulatory analysis with a strategic perspective.


[ Galexia Dots ]

Our extensive legal background and our understanding of the impact of new technology on business processes allow us to deliver detailed and up to date legal and regulatory analysis. The task of interpreting legislation and regulations which have an impact on new technology products and services is one of Galexia’s core areas of expertise.

Galexia is particularly adept at performing this task in situations where more than one law or standard applies. We are able to develop compliance cross reference tables matching key administrative tasks and processes against all compliance requirements. We also possess the expertise to use these tables in developing plain language, well structured policy, process and guideline documentation.

Galexia has provided advice in every Australian jurisdiction, Hong Kong, Japan, Korea, New Zealand, Taiwan, the United States and all Member Countries of ASEAN (Brunei Darussalam, Cambodia, Indonesia, Laos, Malaysia, Myanmar, Philippines, Singapore, Thailand and Vietnam).

We have prepared a number of submissions on behalf of consumer and industry stakeholders.

Galexia staff and associates continue to publish up-to-date articles on all aspects of electronic commerce law, and we provide online teaching materials for Cyberspace Law and Electronic Commerce Law courses at the University of NSW.

 

Related Projects

Case Studies and additional research

  • ASEAN - Galexia partnered with global law firm Baker & McKenzie to develop and implement a harmonised legal infrastructure for electronic commerce in ASEAN (Association of South East Asian Nations: Brunei Darussalam, Cambodia, Indonesia, Laos, Malaysia, Myanmar, Philippines, Singapore, Thailand and Vietnam). Read more »
  • DBCDE - Galexia assisted the Department of Broadband, Communications and the Digital Economy in the development of an anti-spam legislation, enforcement and co-operation regime for the Pacific islands Niue, Samoa, and Vanuatu. Read more »
  • UNCTAD - Galexia was commissioned by the United Nations Commission on Trade and Development to prepare a case study on the ASEAN E-Commerce Project for the Information Economy Report 2007-2008. Read more »
  • Veda Advantage - Galexia was commissioned to prepare an independent submission to the Australian Law Reform Commission’s review of Australian privacy laws. The report analysed the privacy implications of credit reporting. Read more »
  • Asia-Pacific Region at the Privacy Crossroads - This article examines recent trends and developments in Asia-Pacific privacy laws, and the benefits and risks of the region pursuing either of the two leading privacy models - comprehensive privacy legislation as exists in the European Union, or business-driven self-regulation as proposed under the APEC Privacy Framework. Read more »
  • Privacy breach sanctions in the Asia-Pacific region - This article summarises the sanctions available for privacy breaches in Australia, Hong Kong, Japan, Korea, and Taiwan. Read more »

Recent news and updates

 


[ Galexia Dots ]


Self-regulation and Codes of Conduct

Galexia delivers strategic advice on industry self-regulation and codes of conduct.


[ Galexia Dots ]

Galexia provides advice on a range of best practice regulation, including industry self-regulation, co-regulation, and codes of conduct. We understand that different regulatory models suit different applications, and advise on the most appropriate model for a given context.

Our legal and technological expertise spans electronic commerce, privacy, identity, authentication, and consumer protection, across a range of industries. We are in a unique position to balance regulatory and best practice requirements with business needs and stakeholder or consumer concerns.

Galexia’s approach and methodology for the development of Codes of Conduct encapsulates best practice approaches to self-regulation and fosters industry consensus and ownership.

Galexia can provide detailed best-practice advice on all of the following:

  • Code membership requirements
  • Conduct and obligations
  • Complaints and Enforcement
  • Code governance and review
  • Identification of Implementation Steps and Transition Issues
  • Code Registration and/or Authorisation

 

Related projects

Case studies and research

  • Queensland Valuation and Sales System Code of Conduct - Galexia developed a Code of Conduct for bulk data access to identified information in the Queensland Valuation and Sales System (QVAS) database, covering privacy protections and complaints mechanisms for access to information about real property transactions in Queensland. Read more »
  • Consumer protection in the telecommunications industry - This issues paper, prepared for CHOICE, provides an overview of consumer concerns with the co-regulatory consumer protection framework in the telecommunications sector in Australia. Read more »
  • Credit Reporting Regulatory Framework - This report, commissioned by Veda Advantage and submitted to the ALRC's review of Australian privacy law, discusses options for a framework for stronger, more effective and more efficient consumer protection in credit reporting in Australia. Read more »
  • Submission to the 2007 Review of the EFT Code of Conduct - This joint submission, prepared by Galexia, CHOICE, the Consumer Action Law Centre and the Centre for Credit and Consumer Law, discusses recent developments in electronic consumer payments, online fraud, and consumer protection. Read more »

Recent news and updates

 


[ Galexia Dots ]


Issues Management: Public and Stakeholder Consultations

Our team has a wealth of experience in conducting and participating in industry and consumer consultations and workshops, and in delivering briefings at CEO, Board and Ministerial levels.


[ Galexia Dots ]

While we have our own extensive network of contacts we also work closely with clients to assist in the consultation process. We are experienced in managing stakeholder liaison and providing stakeholder services such as conducting workshops, stakeholder correspondence, media analysis and advice on the media response.

Galexia’s team also have experience in public relations, clear communication and in developing documentation such as media kits, Frequently Asked Questions, fact sheets, discussion papers and workshop information packs.

 

Related Projects

Case Studies and additional research

  • ANTA - Galexia completed a discussion paper for the Australian National Training Authority on legal and regulatory issues in electronic authentication in the Vocational Education and Training sector. Galexia continues to provide strategic advice to ANTA as they develop their electronic authentication strategy, and has conducted stakeholder consultations and a national workshop to help promote the strategy. Read more »
  • Queensland Transport - Galexia provided strategic advice and privacy compliance advice regarding the upgrade of the Queensland Driver Licence. Read more »
  • AGIMO - AGAFI - Galexia won a competitive tender to work with the Department of Finance and Administration to conduct consultancy services for the Australian Government e-Authentication Framework for Individuals (AGAFI). The project will involve the provision of strategic advice, and the provision of a Privacy Impact Assessment (PIA) and Privacy Management Strategy (PMS) documentation for publication. Read more »
  • Dept of Health and Ageing - The Commonwealth Department of Health and the Ageing commissioned Galexia to produce a strategic issues paper on a ‘National Health Identifier’. The project involved national and international research, consultation with government and non-government stakeholders and the development of findings and recommendations. Read more »
  • Research and publications - Galexia publishes detailed private and public research on privacy, authentication and electronic commerce issues. Read more »

Recent news and updates

 


[ Galexia Dots ]


[up to services]

 

Search for:

PrintVersionprint this page

Sitemapsitemap

Manage email subscriptionsmanage email subscriptions

Subcribe to RSS newsrss news feed

Latest News

March 2010
Galexia prepares submission on consumer fairness tests for ACCAN. Read more »

March 2010
Galexia director Chris Connolly speaking at Asia-Pacific privacy seminar. Read more »

March 2010
Galexia prepares draft interoperability principles for ACCAN. Read more »

view all news items »

[Home] [Sitemap] [Print this page] [Privacy statement]

© Galexia Pty Ltd
Suite 98, Jones Bay Wharf, 26-32 Pirrama Road, Pyrmont (Sydney) NSW 2009, Australia
Telephone: +61 (02) 9660 1111 | Facsimile: +61 (02) 9660 7611
Email: consult@galexia.com