Australian privacy laws are governed by the Privacy Act 1988 (the Act) which, incorporates thirteen (13) Australian Privacy Principles (Principles).
The Principles cover:
open and transparent management of personal information;
anonymity and pseudonymity;
collection of solicited personal information;
dealing with unsolicited personal information;
notification of the collection of personal information;
use or disclosure of personal information;
cross-border disclosure of personal information;
adoption, use or disclosure of government related identifiers;
quality of personal information;
security of personal information;
access to personal information;
correction of personal information.
The kinds of personal information you collect and hold;
How you collect and hold that personal information;
The purposes which you collect, hold, use and disclose personal information;
How an individual may their access personal information held by you and seek the correction of such information;
How an individual can complain about a breach and how you will deal with a complaint; and
Whether you’re likely to disclose personal information to an overseas recipient and if so, to specify the overseas counties if it is practicable.
When outlining what kinds of privacy information a business collects it is important to distinguish between:
Personal information: which relates to information/opinions that identify an individual such as contact and financial details (whether they are true or not); and
Sensitive information: which relates to information/opinions about things like health, religion, political opinions, race or ethnicity.
The Act and Principles apply to:
organisations and companies with an annual turnover over $3 million;
all private health service providers; and
some small businesses.
Coutts have experience in reviewing and drafting privacy policies to meet the requirements of the Act and the Principles. Coutts recognise the importance of understanding your business and your specific processes and procedures to ensure the policy reflects how you do business. For further information on privacy policies please contact the Commercial Law team.
For further information please don’t hesitate to contact:
02 4607 2124
This blog is merely general and non specific information on the subject matter and is not and should not be considered or relied on as legal advice. Coutts is not responsible for any cost, expense, loss or liability whatsoever in relation to this blog, including all or any reliance on this blog or use or application of this blog by you.