- Businesses which follow the American model of drafting privacy statements will not be compliant with Australian privacy law.
This article will explain what Australian privacy law requires in terms of privacy policies, collection notices, and consent forms.
Organisations regulated by the Privacy Act 1988 (Cth) include:
- Australian government agencies;
- Businesses and non-profits with an annual turnover of more than $3 million;
- Private sector health service providers; and
- Contracted service providers to Australian government agencies.
Each of these organisations must comply with the 13 Australian Privacy Principles (‘APPs’) in the way they handle personal information. The APPs create obligations across the entire life cycle of personal information, from how, when and whether personal information can be collected, through restrictions on its use and disclosure, to its eventual disposal.