The Privacy (Australian Government Agencies—Governance) APP Code 2017 (Cth) (the APP Code) requires that all agencies, including the National Museum of Australia (the Museum) must conduct a Privacy Impact Assessment (PIA) for all high privacy risk projects.
A project may be a high privacy risk project if the Museum considers that the project involves any new or changed ways of handling personal information that are likely to have a significant impact on the privacy of individuals.
The Museum is also required to conduct a PIA if directed to do so by the Office of the Australian Information Commissioner (OAIC).
The Museum is required to maintain a register of all PIAs it conducts and must publish that register, or a version of that register, on its website.
This following PIA register is published in compliance with the APP Code.
Privacy Impact Assessments undertaken by the Museum
Title of project | Short description of project | Date the PIA was made | Responsible business unit |
| Client Relationship Manager Implementation | Implementation of a new application (Tessitura) to manage customer information and interactions | 21 January 2025 | Information Technology |
| Museum Shop Loyalty Program | Implementation of an ecommerce loyalty program platform for the Museum Shop | 31 July 2023 | Commercial and Enterprise |
Client Relationship Management system | Implementation of a new application (thankQ) to manage customer information and interactions | 20 March 2020 | Information Technology |
| Cultural and Corporate Shared Services Centre payroll services | Delivery of payroll services to the Museum of Australian Democracy | 28 October 2019 | Human Resources |
Copies of PIAs may be requested by contacting the Museum:
Privacy Contact Officer
National Museum of Australia
GPO Box 1901
Canberra ACT 2601
Email: privacy@nma.gov.au
Phone: 02 6208 5000
Updated 12 February 2026
You may also like