Privacy Laws – Compliance Checklist [November 2014]
Make sure that your government agency, organisation or business has a Privacy Plan and Policy that complies with the Federal and State Privacy Laws and is capable of implementation, by completing the Stephens Lawyers & Consultants Checklist for Privacy Law compliance below:
1. Determine if Privacy Laws (State or Federal) apply to your government agency, organisation or business.
2. If the Privacy Law does not apply to your government agency, organisation or business, decide if you want to voluntarily opt-in to comply with the Privacy Laws.
3. Appoint a Privacy Officer who will be responsible for privacy compliance within your government agency, organisation or business.
4. Develop a privacy plan.
5. Educate staff in relation to the Australian Privacy Principles (“APP”) and applicable Privacy Laws.
6. Promote the Privacy Plan within the government agency, organisation or business.
7. Prepare a Privacy Audit Questionnaire to ascertain:
a) What personal information your government agency, organisation or business collects, holds, uses and discloses, and where and how it is stored or secured.
b) Whether your government agency, organisation or business’ handling of personal information is in compliance with the APP and the applicable Privacy Laws.
8. As a part of the Privacy Audit, review contractual arrangements with third parties who receive personal information from your government agency, organisation or business or on its behalf.
9. Analyse the results of the Privacy Audit.
10. Compare results of the Privacy Audit with the APP and the applicable Privacy Laws.
11. Obtain legal assistance if the Privacy Audit reveals areas of non-compliance with the APP and/or the applicable Privacy Laws.
12. Develop and implement a plan to rectify areas of non-compliance within your government agency, organisation or business.
13. Develop and implement statements or messages to comply with the APP and the applicable Privacy Laws.
14. Develop and implement a Privacy Policy for your government agency, organisation or business.
15. Develop and implement an effective complaint handling procedure relating to the APP and the applicable Privacy Laws for your government agency, organisation or business.
16. Educate and train staff on privacy procedures and policies.
For further information contact
Katarina Klaric | Principal
STEPHENS Lawyers & Consultants | Suite 205, 546 Collins Street, Melbourne VIC 3000 Australia
T + 61 3 8636 9100 | F + 61 3 8636 9199 | E katarina.klaric@stephens.com.au
PO Box 16010 Collins Street West VIC 8007 Australia
www.stephens.com.au
Stephens-Klaric Legal Pty Ltd (ACN 117 672 376) trading as Stephens Lawyers & Consultants
***Please note that this list is not intended to be a comprehensive list for privacy compliance. The list provides you with guidelines for dealing with privacy compliance and what your government agency, organisation or business should do to comply. What is required for compliance will vary from government agency/organisation/business to government agency/organisation/business.