South Australian Consolidated Regulations South Australian Consolidated Regulations29—TCA's obligation to keep information secure
(1) TCA must take
reasonable steps to protect IAP information collected by it against
unauthorised access, unauthorised use, misuse, loss, modification or
unauthorised disclosure.
(2) TCA must take
reasonable steps to destroy IAP information (including personal information)
after 1 year unless the information is required as evidence.
(3) TCA may comply
with subregulation (2) by permanently removing anything by which an
individual can be identified from the IAP information that it holds.