Every business that turns over more than $3 million is regulated by the Privacy Act 1988 (Cth). The Act and the Australian Privacy Principles set out rules for how you collect, use and store personal information.
A business lawyer can reduce your risk of a breach.
- the kind of personal information the business collects;
- how the personal information is collected and held;
- the purposes for which the personal information is collected, held, used and disclosed;
- how an individual may access personal information about themselves and seek the correction of such information;
- how an individual may complain about a breach of the Principles, or a registered Australian Privacy Principle code (if any) that the business is bound by, and how the business will deal with such a complaint;
- whether the personal information is likely to be disclosed to overseas recipients; and
- if the business is likely to disclose personal information to overseas recipients – the countries in which such recipients are likely to be located (if it is practicable to specify those countries in the policy).
- New Amendments to the Act
It’s not all that simple.
Prior to February 2018, the law did not require you to notify an individual who may be affected by there being a failure to take reasonable steps to protect personal information. The amendments now provide that you must report a data breach to the Commissioner and the harmed individual, if either:
(i) there is unauthorised access to, or unauthorised disclosure of, information held by an entity; or
(ii) information is lost in circumstances where there is likely to be unauthorised access to or unauthorised disclosure of information; and
a reasonable person would conclude that the access or disclosure would be likely to result in serious harm to any of the individuals to whom the information relies.
Have any questions?
If you have any questions or need legal advice, you can request a quote with Alex Martin or get a Quick Consult with other lawyers with similar expertise. With Quick Consult, from a transparent, flat fee of $49, a lawyer will call you back within 1-2 days to answer your questions.
This article does not constitute legal advice or a legal opinion on any matter discussed and, accordingly, it should not be relied upon. It should not be regarded as a comprehensive statement of the law and practice in this area. If you require any advice or information, please speak to practicing lawyer in your jurisdiction. No individual who is a member, partner, shareholder or consultant of, in or to any constituent part of Interstellar Group Pte. Ltd. accepts or assumes responsibility, or has any liability, to any person in respect of this article.