Projects

[« previous] [next »]

ATO - Australian Taxation Office

• ATO - Overview
• ATO - 2-stage PIA for myGovID (2018)
• ATO - Assistance with Identity Management Platform Upgrade (2008)

ATO - Overview

Related Galexia services and solutions Strategic Privacy Consulting. Read more » Privacy Management Lifecycle: Our Privacy Products and Services. Read more » Issues Management: Public and Stakeholder Consultations. Read more » Identity Management and Authentication - Strategic Consulting. Read more » Identity Management and Authentication - Technical Consulting. Read more » Related Galexia news Digital Transformation Agency (DTA) releases 2nd Galexia Privacy Impact Assessment (PIA) on Digital Identity - 13 November 2018 » Two-stage independent PIA for myGovID finalised - September 2018 » Digital Transformation Agency (DTA) releases 1st Galexia Privacy Impact Assessment (PIA) on Digital Identity - 17 March 2017 » Galexia completes initial Privacy Impact Assessment (PIA) for the Australian Government Digital Transformation Agency (DTA) on the proposed Trusted Digital Identity Framework (TDIF) - December 2016 »

.

ATO - 2-stage PIA for myGovID (2018)

Related links myGovID home page » [External site] DTA - The Trusted Digital Identity Framework » [External site - including list of TDIF accredited providers] Home Affairs - Face Verification Service (FVS) » [External link]

In June 2018, Galexia was engaged to provide a 2-stage independent Privacy Impact Assessment (PIA) for the Australian Taxation Office (ATO) on the proposed development of myGovID.

The 2 stages included:

• The replacement of the AusKey credential with myGovID and then
• Privacy compliance with the Australian Government Trusted Digital Identity Framework (TDIF).

The purpose of this PIA was to assist in identifying and managing privacy issues that are raised by the proposed development of the MyGovID identity proofing and credential solution.

TDIF Accreditation

One important part of the PIA on MyGovID is that the ATO are seeking to have their identity solution accredited under the Trusted Digital Identity Framework (TDIF) developed by the Digital Transformation Agency (DTA) <https://www.dta.gov.au/our-projects/digital-identity/trusted-digital-identity-framework>. 

The TDIF 

enables the reuse of credentials and verified identity attributes provided by an Identity Provider across Relying Parties. The verified identity attributes support the registration of an individual at a Relying Party and the credentials enable ongoing access to the digital services provided by the Relying Party.

In August 2018, ATO accepted all of Galexia’s recommendations.

The PIA made a range of recommendations for mediating privacy risks, including changes to the project design, practical privacy compliance steps, consideration of biometrics and the use of the Australian Government Face Verification Service (FVS) and privacy governance arrangements.

ATO - Assistance with Identity Management Platform Upgrade (2008)

Galexia provided identity management consulting services to assist the ATO consolidate their existing identity management investment and migrate to a major new release of their platform. Galexia's advice included:

• Identification of critical problems within their existing platform;
• Planning, execution and communication of a response to alleviate problems;
• Expert advice, technical recommendations and technical fixes to ensure that the migration proceeded smoothly;
• Identifying the responsibilities and directing the activities of multiple vendors, including Sun Microsystems and Oracle, in order to remedy known product defects;
• On-site assistance during migration; and
• Follow-up to ensure successful completion of work.

[« previous] [next »]

[up to projects]