Privacy Management Lifecycle: Our Privacy Products and Services

[ Galexia Dots ]

The management of privacy issues is a recognised (and maturing) compliance task. Galexia has developed a range of tools to assist in privacy management.

[ Galexia Dots ]

Clients may wish us to be involved in a single aspect of privacy management, ask us to be involved in the privacy management of a whole project, or seek our advice on a regular basis.

Our services and tools include:


Privacy Impact Assessment (PIA)

This assessment identifies privacy issues in specific sectors or applications. A PIA process is particularly useful in implementations of new technology or new processes. By using the PIA tool at the design stage of an implementation organisations can avoid privacy errors and the costs of rectification at later stages.

Privacy Management Strategy (PMS)

This tool is used to develop and implement a risk management strategy and practical action plan. Each privacy issue is allocated a response and action is delegated to individuals or organisations. The PMS includes a compliance timetable.

Privacy Risk Management

Public and stakeholder consultations on the chosen strategy are often as important as ensuring technical compliance. Effective consultation can help identify and manage key privacy risks.

[ Galexia Dots ]

Solution Implementation

Privacy Oversight Committee

This tool is used to develop a governance structure to oversee privacy issues arising throughout the life of the implementation. Some privacy issues may not be ascertained at the design stage so reviews and audits under the direction of an oversight committee are often necessary.


We assist clients to develop documentation which addresses identified privacy concerns, including privacy manuals, web site privacy policies, integration with existing policy and procedure documents, and customer consent forms.

Training and education

We develop content for and present educational materials and training workshops for staff and key service providers to ensure that the client’s entire business is privacy aware.

[ Galexia Dots ]


Outsourced Chief Privacy Officer (CPO)

The Chief Privacy Officer is responsible for managing privacy compliance within an organisation over time as processes and regulations change. This responsibility may fall within an existing role, or may give rise to a new role. We can advise the client in relation to the structuring of that role in-house and provide assistance to that role, or it may prove more cost effective to outsource that role to us.

Assist in-house Chief Privacy Officer (CPO)

We can provide advice and assistance to an in-house CPO on a retainer or ad-hoc basis. Assistance can include handling complaints and inquiries, providing updates on legal and regulatory developments, and helping meet reporting requirements.

Monitoring - Privacy audit

Reviewing the effective adoption and use of complying processes and documentation on a regular basis (including by independent audit) is a useful tool in identifying and managing privacy risks. It also raises public confidence in the management of privacy, particularly in new technology projects. This process is targeted at identifying and dealing with problems before complaints or claims are received.


Related Projects

Galexia Public PIAs - imminent client release

There are a number of PIAs that Galexia is currently conducting (or a client has made a commitment to an imminent public release):

Galexia Public PIAs - Published

A number of Galexia Public PIAs are available:

Case studies and additional research

  • Defence - Galexia provided privacy advice to the Department of Defence for their Identity Management Project. Read more »
  • Fidelity - Galexia provided regional privacy advice to the investment firm Fidelity International for their operations in the Asia-Pacific region, including a privacy compliance report, briefing notes on key privacy issues, and a regional privacy strategy. Read more »
  • New South Wales Roads and Traffic Authority - Galexia conducted a Privacy Impact Assessment (PIA) for the NSW Roads and Traffic Authority, covering the RTA’s potential participation in the national Document Verification Service. Read more »

Recent news and updates


[ Galexia Dots ]