Know Risk is a community education program designed by the Australian and New Zealand Institute of Insurance and Finance (ANZIIF) to improve our understanding of insurance and how it relates to managing the many risks we all face in life.
Privacy and your business
Don't get caught out by the new privacy requirements.
New tougher privacy laws mean you need to be a lot more careful about how your business manages the issue of privacy and personal data.
The revised Privacy Act covers how businesses handle, process and use personal information for direct marketing and how the information is disclosed to other people and businesses overseas. The new act also allows the Privacy Commissioner to hand out penalties of up to $340,000 for individuals or $1.7 million for organisations found to be in breach of the Act.
What does it mean for your business?
Even if you’ve heard of the change in privacy rules, you might not know what it actually means for your business. Here are a few of the requirements of the new rules:
- If your business sends personal information overseas you will need to disclose which countries the information is being sent to, this includes the use of cloud computing services.
- If your business employs direct marketing, you will need to obtain consent from individuals and will need to include mandatory opt-out options for any direct marketing communications you send out, as well as indicating where your business obtained their personal details.
Don’t get caught out
Make sure you review and update your privacy policies, privacy statements, any fine print or other disclosure statements on your website or printed material. Disclosure statements which are out of date can mean your business is non-compliant.
Some of the changes you should make:
- replacing any references to the “National Privacy Principles” with the new “Australian Privacy Principles”
- disclosing whether your business is likely to send personal information overseas and if so, which countries you will send it to
- explain how your business will deal with any privacy related complains and how a member of the public can make a complaint about a breach of the Australian Privacy Principles
- review the way your business collects, stores and uses personal information
- review your security systems to ensure any personal information collected is kept safe and isn’t vulnerable to a data breach
- train your staff so they’re compliant with the new legislative requirements. Contact the Office of the Australian Information Commissioner to access resources and training material.
Visit the Office of the Australian Information Commissioner for more information on the new privacy requirements.