Although this seems a while away, if the Privacy Act applies to your business, it’s a good idea to start preparing for the changes now.
Does the Act apply to my business?
The Privacy Act protects personal information handled by large businesses and health service providers of any size.
The Act may also apply to a small business if it has an annual turnover of more than $3 million and either:
- trades in personal information
- provides services under a Commonwealth contract
- runs a residential tenancy database
- is related to a larger business
- is a reporting entity under the Anti-Money Laundering and Counter-Terrorism Financing Act.
If you’re still not sure, you may need to seek advice from your lawyer or other business advisors.
What is changing?
A new set of privacy principles that covers the handling of personal information by businesses will be introduced.
The changes will affect how businesses can:
- handle and process personal information
- use personal information for direct marketing
- disclose personal information to people overseas.
The Privacy Act changes will also give the Information Commissioner the ability to:
- investigate serious breaches (including the right to impose penalties on businesses)
- assess the privacy performance of businesses.
For details of all changes to the Privacy Act, visit the Privacy law reform page on the OAIC website.
For an introduction to privacy legislation, try the snapshot of the Privacy Act for small business or the guide to privacy for small business .