On 12 March 2014, big changes to privacy law come into operation. All companies and organisations – including government – need to be aware of the Privacy Amendment (Enhancing Privacy Protection) Act 2012. You may either be directly bound by the new legislation or – if you work for a smaller non-government company or organisation – you may nonetheless want to show your customers that you respect their privacy and that you comply with Australian standards
In a nutshell:
- the different privacy principles that currently apply to government and to the private sector will be combined into the one set of Australian Privacy Principles;
- the Australian Information Commissioner will have additional powers to ensure compliance (including the ability to audit you);
- obligations in relation to sending any personal information overseas will be tightened (including, for example, if your servers are located overseas); and
- if a privacy code applies to your organisation, those codes will be legally binding on you.
Most importantly, you will need to make sure that you don't just have a well-drafted privacy policy available to the public (for example, on your website), but that your organisation has all the necessary compliance procedures in place
For advice on reviewing your organisation's privacy policy and procedures, contact privacy lawyer Ian McDonald at Simpsons Solicitors.