From 12 March 2014, the Privacy (Enhancing Privacy Protections) Act 2012 (Cth) (the Amendments) will come into effect and bring about significant change to the Privacy Act 1988 (Cth) (the Act).
The Commonwealth Act regulates the collection, storage, use, and disclosure of different types of personal information. The privacy laws will apply to independent schools with an annual turnover of more than $3 million.
Schools should be aware of the changes to the Act and ensure that they comply with such amendments. Specifically, schools need to be proactive in ensuring that they have and implement practices, policies and procedures that comply with the Australian Privacy Principles (APPs).
Schools need to keep in mind that the Amendments include significant penalties for serious or repeated breaches of the Act. Below are the key changes to Act, and the $1.7 million reason to comply with such changes.
What Has Changed?
The key change by the Amendments is that the National Privacy Principles (NPPs) are being replaced by the APPs.
Other changes include:
- the Australian Information Commission (AIC) is given greater power to enforce privacy laws (including penalty orders of up to $1.7 million for corporations);
- amendments to credit reporting provisions;
- amendments to definitions; and
- allowing for new privacy and credit reporting codes which would bind organisations.
Click here to view the table.
What Should You Do?
In preparation of the commencement of the new laws, schools should endeavour to review policies, procedures and practices.
Schools should ensure that:
- policies comply with APP 1; and
- the practices and procedures that govern collection, storage, use and disclosure of personal information comply with the Amendments.
Privacy is a difficult area of law to navigate. It is important that schools take steps to ensure compliance as failure to do so can have expensive consequences.