29 November 2012

The Privacy Amendment Bill was passed in order to amend the Privacy Act 1988 and introduce a unified set of Australian Privacy Principles (APPs) which will apply to both the private and Commonwealth public sector, with changes to come into effect from March 2014.

Key changes include requirements for organisations to:

  • Change privacy policies to reflect their handling of potential breaches of the APPs and any privacy complaints; overseas data disclosures; and the removal of redundant references, such as to “National Privacy Principles”
  • Provide more information to individuals when collecting their personal information
  • Implement a privacy compliance program which ensures compliance with the APPs; deals with inquiries or complaints about compliance with the APPs; establishes procedures to identify and manage privacy risks and compliance issues; and provides training for staff.
  • Change direct marketing practices by maintaining a simple mechanism allowing individuals to “opt out” of further direct marketing; obtaining an individual’s consent before using their sensitive information for direct marketing; and maintaining details of the source of the personal information used direct marketing.
  • Review arrangements for offshore data storage or processing

Further information can be found in the news update from Australian Law firm Corrs Chambers Westgarth, found here.