Last updated:

Victorian Protective Data Security Framework and Standards

The Victorian Protective Data Security Framework (Framework or VPDSF) provides a consistent, risk-based approach to monitoring and assuring the protection of public sector information by regulated Victorian public sector organisations.

The framework and associated Victorian Protective Data Security Standards (VPDSS or Standards) are designed to enable regulated organisations maintain the confidentiality, integrity and availability of public sector information and systems across their life-cycle.

VPDSF principles and VPDSS elements align with the Public Records Act 1973, requiring Victorian public offices to maintain full and accurate records and ensuring permanent value records are securely retained, while temporary records are properly disposed of in line with authorised Retention and Disposal Authorities (RDAs) and their security value. The security value of the information will inform the appropriate disposal techniques necessary to ensure this is performed securely.

Just like public records, the VPDSF and VPDSS cover all forms of public sector information: soft copy, hard copy, audio, images and more.

The Office of the Victorian Information Commissioner (OVIC) developed the Framework and Standards, with supporting information and resources available from the OVIC website.

Protective markings and information management markers

 

Protective markings are security labels assigned to public sector information, signalling the confidentiality requirements of the material. These labels inform scaled security controls needed to protect information bearing different protective markings. This includes expectations around how organisations and individuals can securely handle, store, share and manage this information.

Protective markingWhat it means
OFFICIAL
  • Covers the majority of general or routine public sector information.
  • Some information assessed as OFFICIAL may be suitable for public release, subject to organisational policies and approval processes.
OFFICIAL: Sensitive
  • Applied where compromise of the information would be expected to cause limited damage to government operations, organisations, or individuals but does not warrant a higher security classification.
  • This could include information that must be kept confidential under secrecy laws, or information that legislation restricts from being shared, even though it stays in the OFFICIAL category.
PROTECTED
  • Applied where compromise may cause major harm or damage to government operations, organisations, or individuals.
  • This marking will only apply to a limited subset of Victorian public sector information.
SECRET
  • Applied where compromise may cause serious harm or damage to government operations, organisations, or individuals.
  • This marking will only apply to a very limited subset of Victorian public sector information.
TOP SECRET
  • This marking is reserved for matters impacting Australia's national interest.

 

For more information on protective markings, visit the information security resources page that contains additional guidance developed by OVIC.

When applying a protective marking to a record, organisations may also choose to use Information Management Markers (IMMs). 

The use of IMMs is optional by Victorian public sector organisations, with organisational policies and procedures governing the application and use of these markers by their staff.

While IMMs are not mandatory, they offer a consistent way for entities to identify and categorise information content that is subject to non-security related restrictions on access and use. IMMs are not a substitute for a security classification, instead reflecting a subset of the controlled list of terms for the 'Rights Type' property in the National Archives of Australia's Government Record Keeping Metadata Standard.

IMMs can be added either as a visual label on the record, included in the metadata, or both.

Only three IMMs are commonly recognised across the Victorian public sector:

IMMWhat it means
Legal PrivilegeRestrictions on access to, or use of, information covered by legal professional privilege.
Legislative SecretaryRestrictions on access to, or use of, information that is covered by legislative secrecy provisions.
Personal PrivacyRestrictions on access to, or use of, personal and/or health information collected for official purposes, in line with the Privacy and Data Protection Act 2014 and the Health Records Act 2001.

 

More than one IMM can be applied if appropriate, based on the content.

Given the sensitive nature of the content associated with the above IMMs, it is recommended that they be used in conjunction with a protective marking of at least OFFICIAL: Sensitive.

IMMs are drawn from the Rights metadata element in the Australian Government Recordkeeping Metadata Standard (AGRkMS).

The AGRkMS is endorsed by PROV for use when managing permanent or long-term value records.

Victorian public offices must also meet the PROV Minimum Metadata Specification, which sets out the core metadata that must be captured and retained for public records.

Using IMMs can support compliance by clearly recording the reason for any special access or handling considerations.

In practice:

Standard/RequirementPurpose
PROV Minimum Metadata SpecificationDefines what metadata must be capture and kept.
AGRkMSProvides recommended metadata structure and values, including IMMs.
IMMsHelp explain why access to certain information may need to be managed more carefully, in addition to any protective marking it carries.

 

Cabinet-in-Confidence (CiC) is a Victorian specific marking and material marked with this label must be handled in accordance with the Victorian Government Cabinet Handbook.

CiC is recognised as a protective marking in Victoria, establishing special handling requirements for Victorian Cabinet information.

  • CiC must only be used in conjunction with the protective markings of PROTECTED or SECRET.
  • It is not to be used in conjunction with the protective markings of OFFICIAL, OFFICIAL: Sensitive or on unclassified information.

Example valid usage:

  • PROTECTED // Cabinet-in-Confidence.

Refer to Cabinet records guidance for more information.

Protective markings and IMMs work best when they are built into the systems and tools that create, store and manage records. This makes the labels visible to users and allows systems to automatically enforce rules and safeguards.

Technology is just one part of the VPDSS, which also covers personnel, physical and information security. While this section focuses on technology, protective markings and IMMs also connect with the other domains.

Ways to use protective markings in technology include:

  • Metadata tagging: embedding labels into digital files so that they stay with the record.
  • System labelling functions: using software that shows labels and enforces rules based on them.
  • Access controls: setting permissions so only authorised staff can view or edit information.
  • Automated protective marking: software that helps staff assign the correct labels when creating or collecting information.
  • Information Rights Management (IRM): labels that trigger encryption, watermarking, or restrict copying, forwarding or printing.
  • Audit and monitoring: linking labels to system logs to track how information is accessed or used.

Using protective markings and IMMs in technology helps ensure sensitive information is handled consistently and reduces reliance on manual processes.

Our Managing Records in Microsoft 365: A guide for Victorian public offices provides practical advice on applying labels in the M365 environment.

Access arrangements for records in PROV custody

All records transferred to the custody of PROV are open to public access unless they are closed for a specified period under a section of the Public Records Act 1973.

As part of the transfer process, public access arrangements are determined by PROV in consultation with the public office responsible for the records. Decisions to withhold records in PROV custody from public access are authorised by the Minister for PROV and the Minister responsible for the transferring public office.

Any protective markings or information management markers applied to records are taken into consideration, where relevant, when determining the access arrangements for permanent value records transferred to PROV. While this assessment may not result in closure being applied, these markings help signal that security considerations existed when the records were in active use.

Protective markings or information management markers should not be removed when transferring records to PROV as they form part of the contextual information that explains how records were used.

Material in the Public Record Office Victoria archival collection contains words and descriptions that reflect attitudes and government policies at different times which may be insensitive and upsetting

Aboriginal and Torres Strait Islander Peoples should be aware the collection and website may contain images, voices and names of deceased persons.

PROV provides advice to researchers wishing to access, publish or re-use records about Aboriginal Peoples

Learn more