Privacy Compliance

"From our experience, organisations that handle a lot of personal and sensitive information will have to allocate a lot of time and resources in order to comply with the new privacy laws. For organisations handling a relatively small amount of personal information, compliance may be relatively simple."

Katarina Klaric, Partner, Stephens.

The Privacy Amendment (Private Sector) Act ("Privacy Law") came into effect on 21 December 2001 and establishes national standards for the handling of personal information by private sector organisations. The legislation seeks to ensure personal information is stored, used and disclosed in a fair and appropriate way.

The Privacy Law covers:

  • Businesses with an annual turnover of $3 million or more
  • Businesses with an annual turnover of less than $3 million which are related to organisations with an annual turnover of more than $3 million
  • Health service providers or other organisations that hold health information
  • Organisations that collect, disclose and provide personal information for a benefit, service or advantage
  • Organisations that are contracted service providers to the Federal Government
  • Charitable and other not-for-profit organisations
  • Unions.

Failing to comply with the Privacy Law risks court enforceable determinations. The Privacy Law gives the Privacy Commissioner and approved code adjudicators the power to investigate complaints and issue determinations for:

  • Payment of compensation including amounts for injury to feelings or humiliation suffered
  • Rectification of conduct that constitutes the interference with privacy
  • Redress of any loss or damage suffered.

Stephens Lawyers advises on all aspects of Privacy Law and works with its clients in the development and implementation of privacy compliance programs.

The firm has extensive experience in:

  • Conducting internal privacy audits, including the development of audit questionnaires and procedures
  • Preparing procedures and policies for the collection, use, disclosure, handling, security and storage of information in accordance with the National Privacy Principles
  • Developing and implementing a tailored Privacy Code for organisations.

In many cases compliance need not be costly or onerous. Stephens Lawyers recognises this and is able to offer advice on the most appropriate compliance approach.

Follow the link below to read our information sheet about the Privacy Act

Privacy Act 1988 Information Sheet