Organisations that are regulated by the Privacy Act 1988 (Cth) include:
- Australian government agencies;
- businesses and non-profits with an annual turnover of more than $3 million per annum;
- private sector health service providers; and
- contracted service providers to Australian government agencies.
These organisations must comply with thirteen (13) Australia Privacy Principles (APPs). The APPs create obligations across the entire life cycle of personal information, from how, when and whether personal information can be collected, through restrictions on its use and disclosure, to its eventual disposal.
- the general types of categories of personal information that the organisation collects and holds;
- the purposes for which personal data is used or disclosed;
- whether the organisation is likely to disclose personal information to overseas recipients;
- how an individual can exercise their right to access or correction of the personal information held about them; and
- how an individual may complain about a breach of privacy, and how the organisation will deal with their complaint.
An organisation might need to seek a customer’s consent in certain circumstances, including:
- when collecting certain categories of personal information known as ‘sensitive information’ such as person’s religion, ethnicity or sexuality, or
- when planning to use or disclose personal information for a purpose unrelated to the purpose for which it was collected, and no other law or exemption requires or allows that use or disclosure.
If you require assistance in respect to your contractual arrangements and commercial related matters, contact our Business Law Accredited Specialists and Partners, Justin Thornton at firstname.lastname@example.org or Rahul Lachman at email@example.com or on (02) 4626 5077.
The contents of this publication are for reference purposes only. This publication does not constitute legal advice and should not be relied upon as legal advice. Specific legal advice should always be sought separately before taking any action based on this publication.