Skip to content. | Skip to navigation

Personal tools
Log in
Sections
You are here: Home News The Amended Privacy Act - Is Your HEP Ready?

The Amended Privacy Act - Is Your HEP Ready?

 The Office of the Australian Information Commissioner (OAIC) has announced that March 12 will see the biggest change in privacy law in 25 years. If you haven’t already done so, it would be wise to review your policies and procedures. Extensive details are available on the OAIC website www.oaic.gov.au or contact the Office of the Australian Information Commissioner on 1300 363 992 for more information.

 The OAIC has released APP guidelines - http://www.oaic.gov.au/privacy/applying-privacy-law/app-guidelines/. These are an essential tool for all entities that are covered by the Privacy Act and will be subject to the 13 new Australian Privacy Principles (APP) from 12 March 2014. Most child care centres, private tertiary institutions and private schools are subject to the Privacy Act 1988 (Privacy Act).

The APP guidelines outline the mandatory requirements of the APPs, how the OAIC will interpret the APPs, and matters they may take into account when exercising functions and powers under the Privacy Act. The APP guidelines give many examples of how the APPs may apply in particular circumstances and contain suggestions for good privacy practice. 

COPHE General Overview - What is changing?

NB - This is not legal advice, but a very brief overview of the publicly available information at this stage.

It seems the new legislation is basically making current best practice a legal requirement, toughening or clarifying existing requirements especially about sharing information with secondary parties and giving more power to the Information Commissioner. It would be wise to:

 1)      Check your organisation does not collect information it can’t prove its needs;

 2)      Ensure your Privacy Policy is easily available and covers the following:

  1. How people can find out what information you hold about them
  2. How they can correct any perceived errors
  3. How they can complain if they feel you have breached their privacy
  4. How you will handle privacy complaints.

 3)      Be sure all your staff members understand the new restrictions on sharing information with secondary sources and overseas entities.

 4)      To be safe, do not conduct any direct marketing unless the individuals have clearly agreed to have their information used for the purpose and you had made it easy for them to opt out.

 5)      Be aware the Privacy Act changes will also give the Information Commissioner the ability to investigate serious breaches (including the right to impose penalties on businesses) and assess the privacy performance of businesses in this area.

 For details of changes to the Privacy Act, visit the Privacy law reform page on the OAIC website.

For an introduction to privacy legislation, try the snapshot of the Privacy Act for small business or the guide to privacy for small business.

Prepared by Nadja Leffler, COPHE Communications, 5/3/2014

News image