There is now less than 6 months for businesses to prepare for the changes made to the Privacy Act.
In November 2012, the then Federal Government, passed 250 pages of amendments to the Privacy Act with the majority taking effect from March 2014.
- The kind of personal information your business collects
- How you collect the information
- The purposes for which you collect, hold, use and disclose the information
- How individuals can access the personal information you hold on them and seek to correct that information
- How individuals can complain to you about a breach of the Australian Privacy Principles and how you deal with complaints
- Whether you are likely to disclose information to overseas recipients, and if so, in which countries are those recipients likely to be based.
This Spam Act will continue to apply on marketing materials which means you will have to give people easily accessible ways to unsubscribe from mailing lists.
Furthermore the Privacy Act has also placed new restrictions on direct marketing material sent in the mail, requiring you to maintain a simple mechanism by which one can opt out of further marketing, and including a statement on your marketing saying how they can do so.
Employees will not have the same rights to access their data nor will corporate bodies have the right to access information you might keep about their company.
Businesses who fail to comply with the new standards face fines of up to $1.7 million for repeated or serious breaches of the act.
The good news is that there is a carve out for small businesses. These changes will only affect businesses with a turnover of more than $3 million a year.
March 2014 is not that far away, so if you believe these changes apply to you, now is the time to start preparing.