you aware of your obligations under the Privacy Act and
the Australian Privacy Principles? Does your business have
appropriate processes to manage the handling of personal
This week is Privacy Awareness Week. As a partner of the Office
of the Australian Information Commissioner's privacy awareness
campaign, this week Cooper Grace Ward will publish a series of
articles relating to:
Under APP 1, your business must manage personal information in
an open and transparent way. To comply with APP 1, your business
must have a clearly expressed, up-to-date and accessible privacy
What information must be included in your privacy
the kinds of personal information you collect and hold;
how personal information is collected and held;
the purposes for which personal information is collected, held,
used and disclosed;
how an individual may access their personal information and
seek its correction;
how an individual may complain if you breach the APPs and how
the complaint will be handled; and
whether you are likely to disclose personal information to
overseas recipients, and, if so, the countries in which such
recipients are likely to be located (if it is practicable to
This list is not exhaustive. Essentially you should ensure that
you manage personal information. This might also require including
information about any exemptions that might apply to your business
or information about your data retention and destruction practices
that might be relevant.
unlikely to be compliant with the new legislation.
You are required to take reasonable steps to make your privacy
policy available free of charge, and in an appropriate form. This
available by publishing it on your website. It should be
prominently displayed, accessible and easy to download.
However, online publication might not be appropriate where, for
example, you don't have an online presence. In these
circumstances you should consider the following options:
can be seen by members of the public;
correspondence with individuals;
where the entity interacts with individuals by telephone,
may be accessed in a particular form.
The most clearly expressed and up-to-date privacy policies
easy to understand (for example, avoid using jargon, legalistic
and in-house terms);
easy to navigate;
concise while still including all relevant information;
tailored for the different sections of the business (for
example, if different sections collect, handle or disclose
information in different ways, the section might have separate
if available online, in a style and length that makes it
suitable for web publication (for example, using a layered policy
with a condensed version to outline key information with direct
links to more detailed information in the full policy);
regularly reviewed and updated to ensure that the policy
reflects current information handling practices.
Winner – EOWA Employer of Choice for Women Citation 2009,
2010, 2011 and 2012
Winner – ALB Gold Employer of Choice 2011 and 2012
Finalist – ALB Australasian Law Awards 2008, 2010, 2011 and
2012 (Best Brisbane Firm)
Winner – BRW Client Choice Awards 2009 and 2010 - Best
Australian Law Firm (revenue less than $50m)
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
The legal rights and wrongs of taking photos can be confusing, so what does the law say about photos in a public place?
Some comments from our readers… “The articles are extremely timely and highly applicable” “I often find critical information not available elsewhere” “As in-house counsel, Mondaq’s service is of great value”
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).