Since the introduction of the Australian Privacy
Principles in early 2014, many businesses have introduced new
processes to deal with the handling of personal information by
their staff. However, to comply with the APPs, businesses must do
be taking reasonable steps to make staff aware of your privacy
obligations. In this article, we will discuss how your business can
train staff on privacy related issues.
Training your staff
Privacy awareness should be a central focus in your business,
given it encourages positive business practices and can also help
to alleviate the risk of liability.
When providing staff training on your business' privacy
obligations, a good starting point is to go through your
obligations your business and staff are required to comply
Any internal training should also deal with issues such as:
handling privacy complaints, access to information requests and
correction of information requests;
when staff should be providing privacy notification
how your staff should deal with unsolicited personal
the circumstances under which your staff will have to
de-identify or destroy personal information;
the importance of not accessing customers' personal
identity authentication procedures and the need to avoid
inadvertent disclosures when verifying an individual's
the importance of password protection (such as avoiding weak
passwords, changing passwords regularly, not using the same
password to access multiple systems and not providing passwords to
others or sharing passwords);
logging out of computers when they are not in use; and
the need to report any privacy breaches or suspected privacy
breaches to your business' privacy officer.
Cooper Grace Ward's privacy law team can also help your
staff understand their responsibilities. We can work with you to
handling procedures as well as provide advice and training to your
Why does it matter?
Failure to comply with the APPs may lead to penalties of up to
$1.7 million (for corporations) and up to $340,000 (for
individuals) if they seriously or repeatedly interfere with a
If you do not think that your staff are currently aware of, and
comply with, your privacy obligations, we recommend that you take
reasonable steps to train them on privacy issues. The tips in this
article are not exhaustive considerations and you should consult
the APP guidelines or contact us for more information.
Privacy awareness week
This article is the final article in our series on handling
personal information as part of Privacy Awareness Week. As an
official partner of the Office of the Australian Information
Commissioner's privacy awareness campaign, Cooper Grace Ward
has published a series of articles that relate to:
how your business can collect personal information;
how your business can engage in direct marketing;
how your business should handle requests to access and correct
the importance of a social media policy; and
how your business can organise internal privacy awareness and
Winner – EOWA Employer of Choice for Women Citation 2009,
2010, 2011 and 2012
Winner – ALB Gold Employer of Choice 2011 and 2012
Finalist – ALB Australasian Law Awards 2008, 2010, 2011 and
2012 (Best Brisbane Firm)
Winner – BRW Client Choice Awards 2009 and 2010 - Best
Australian Law Firm (revenue less than $50m)
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
Privacy issues require a considered strategy where sets of big data come with ever-increasing regulatory obligations.
Some comments from our readers… “The articles are extremely timely and highly applicable” “I often find critical information not available elsewhere” “As in-house counsel, Mondaq’s service is of great value”
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).