Privacy law in Australia is regulated by the Privacy Act 1988. Australian Privacy laws regulate the handling of ‘personal information’, which generally refers to any information or opinion about an individual. Examples of personal information include names, email addresses, addresses, employment details, credit card details, health information and sensitive information.
The Privacy Act imposes obligations on organisations in relation to the way in which they collect, hold, use, store and destroy personal information, including the requirement to:
- Appoint a dedicated ‘privacy officer’
- Obtain consent to collect and use personal information
- Have a policy to identify and respond to data breaches
Organisations and individuals will be required to comply with the Privacy Act if they:
- have annual turnover of $3 million or more; OR
- provide health services; OR
- trade in personal information; OR
- provide services to the government; OR
- engage in credit reporting activities.
Businesses also have will also have mandatory reporting obligations, and in the event of an ‘eligible data breach’ will be required to notify the Australian Information Commissioner and any impacted individuals.
An ‘eligible data breach’ occurs if:
- The personal information held by an entity has been lost, accessed or disclosed without authorisation; and
- The access, disclosure or loss is likely to result in serious harm to any of the individuals to whom the information relates.
How can Kalus Kenny Intelex help?
We can assist you with your Privacy Act compliance obligations, including to:
- review and update your existing personal information handling practices;
- provide advice, seminars and training sessions for your staff;
- prepare a data breach response plan for your business;
- assist you to identify the types of breaches you must report, and assist in the process of investigating, handling and reporting breaches.
Our Commercial Law Team
Our Latest Insights
With COVID-19 vaccinations rolling out in Australia, employers may be considering asking their employees whether they have been, or will be, vaccinated against the virus. They may also be wondering whether they can, or should, require that their employees get the...
A common misconception in estate planning is that all of your assets (no matter the capacity in which they are held) are ‘estate assets’ and governed by your Will. The distribution of an asset will depend on the type of asset and more specifically, how that asset is...
Many people are not aware that a marriage can revoke a Will. Similarly, a divorce can invalidate appointments and gifts in a Will to the spouse. Sambucco v Registrar of Births, Deaths and Marriages Victoria & Anor  VSC 889 (Sambucco) is a recent proceeding...