What is the Privacy Controls Framework?
The Privacy Controls Framework (PCF) is an essential and comprehensive guide to privacy assessments for Users fulfilling the ‘Other User’ Role. The framework provides an overview of the process from start to finish, giving clear guidelines on what can be expected during the assessment. This includes the types of evidence that can be used to demonstrate compliance with the Smart Energy Code (SEC) obligations, as set out in Section I of the SEC.
Privacy Assessments are undertaken to assess Parties’ compliance with the obligations defined in Sections I1.2 to I1.5. The assessments are undertaken by an Independent Privacy Auditor, as appointed by the SEC Panel to provide the audit services.
Privacy assessments only need to be taken by “Other Users”, defined by the SEC as:
“For a smart metering system or a device and any period of or point in time, a user that is not a responsible supplier or the electricity distributor or the gas transporter or the registered supplier agent during that period of or at that point in time.”
The assessments must be carried out in accordance with the PCF, which ensures a consistent level of review across all “Other Users”. The framework also provides examples of evidence that could be presented to demonstrate compliance with the privacy obligations.