How to comply with the Privacy Act
Why is this important?
The Federal Privacy Act 1988 sets rules for businesses handling personal information. It also allows individuals to make a complaint if personal information is mishandled.
Some small businesses, including those that are non-profit bodies or unincorporated associations, need to comply with the Privacy Act.
Small businesses that collect personal information (other than their own employees' information) may need to comply. Personal information is any information about an identifiable individual, eg a person's name and address, marital status, or income.
What to do
Determine if your business needs to comply with the Privacy Act. Consider:
- Does your business have an annual turnover of more than $3 million? If so, the Privacy Act may apply to your business.
- Is your business a health service provider? If so, the Privacy Act applies to your business.
If you answer yes to any of the following questions, your business may need to comply with the Privacy Act.
Is your small business:
- a health service provider?
- trading in personal information (eg buying or selling a mailing list)?
- related to a larger business (a related body corporate)?
- a contractor that provides services under a Commonwealth contract?
- a reporting entity for the purpose of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act)?
- an operator of a residential tenancy database?
Does your business buy or sell business assets that include personal information (eg a customer database)? If so, you may need to comply with the Act.
Compliance with the Privacy Act — the basics
For many small businesses, complying with the Privacy Act means that the key things to do are:
- tell people when you collect personal information what you expect to do with it
- use personal information only for the reason you collected it, or in ways people would think reasonable, unless you have their consent, have given them an opportunity to opt out, or the use is authorised by another law
- pass on personal information only for the reason you collected it, or in ways people would think reasonable, unless you have consent or the disclosure is authorised by another law
- if people ask, give them a chance to see any information you hold about them
- keep personal information secure, accurate and up-to-date.
These requirements are set out in the Act in 10 National Privacy Principles (NPPs).
Source: www.smexcellence.com.au
NB: In November 2010 the Office of the Privacy Commissioner was integrated into the Office of the Australian Information Commissioner (OAIC). An interim site for the OAIC is available at www.oaic.gov.au
The www.privacy.gov.au site will be maintained until a site incorporating all OAIC material is established.
Where to go for help
A Guide to Privacy for Small Business
http://www.privacy.gov.au/materials/types/brochures/view/6051
The Federal Privacy Act 1988
http://www.privacy.gov.au/law/act
AML/CTF Act
A Privacy Checklist for Small Business
http://www.privacy.gov.au/materials/types/brochures/view/6053
National Privacy Principles
http://www.privacy.gov.au/materials/types/infosheets/view/6583



