
Updates, Aug 20, 2014

Are you complying with the 13 Australian Privacy Principles?

Personal information is information from which you can reasonably ascertain an individual’s identity.


By Charles Power

As an employer, you are obligated to handle personal information according to federal and State or Territory legislation in order to:


Next week, we will look at some of the Australian Privacy Principles (APPs) in more detail and explain how to make your privacy policy available to non-employees – and why it’s so important.

Until then,

Privacy laws: When do they apply and what happens if you breach them?

The Privacy Act 1988 (Cth) (the Act) sets out 13 APPs, which guide organisations in dealing with personal information.

The principles cover the following areas:

  1. The open and transparent management of personal information.
  2. Anonymity and pseudonymity.
  3. The collection of solicited personal information.
  4. Dealing with unsolicited personal information.
  5. Notification of the collection of personal information.
  6. Use or disclosure of personal information.
  7. Direct marketing.
  8. Cross-border disclosure of personal information.
  9. Adoption, use or disclosure of government-related identifiers.
  10. Quality of personal information.
  11. Security of personal information.
  12. Access to personal information.
  13. Correction of personal information.

For more information, see the Australian Privacy Principles fact sheet.

When do the APPs apply?

Generally, the privacy laws only apply to private sector organisations with an annual turnover of more than $3 million, and Commonwealth public sector agencies.

The APPs only regulate personal information collected for inclusion in a record or generally available publication. They do not apply to information ‘carried in a person’s head’.

Although privacy laws will not usually apply to personal information relating to past or present employees, they will apply when you are dealing with personal information relating to the following ‘non-employees’:

What happens if you breach the privacy laws?

The Privacy Commissioner has the power to investigate possible interferences with privacy, either on its own initiative or following a complaint by the individual concerned.

When an individual makes a complaint, the Commissioner will generally attempt to resolve the complaint by conciliation between the parties.

The Commissioner also has a range of enforcement powers and other remedies available, including:

Are you liable for breaches by your employees?

Privacy breaches committed by your employees while performing their employment duties are taken to be an act done or practice engaged in by your organisation.

You may be liable for an employee breach if:
