Countdown to the New Privacy Law Regime

57 %
43 %
Information about Countdown to the New Privacy Law Regime
News & Politics

Published on March 10, 2014

Author: MikaelaSquirchuk

Source: slideshare.net

Description

Business owners with an annual turnover of more than $3 million will need to shape up their privacy policies and procedures in time for this Wednesday's Privacy Act amendments.

The new laws increase the obligations for legal owners and impose harsher penalties for serious and repeated breaches.

This article provides a high level summary of the key changes to the privacy laws and their relevance to business owners.

          Countdown to the new privacy law regime by Marcus Connor Business owners who have an annual turnover of more than $3 million have just a few days to ensure that they are compliant with the new privacy law regime, or face the possibility of hefty penalties. The new privacy laws take effect on Wednesday 12 March 2014. Business owners cannot take a relaxed approach to the changes. The new privacy laws appear to increase the legal risk for business owners as they impose stronger obligations on them with respect to the collection, use, storage and disposal of personal information. They also impose heavy penalties for serious and repeated breaches of privacy. This article provides a high level summary of the key changes to the privacy laws and their relevance to business owners. It also suggests what action business owners should take before the commencement of the new privacy laws. What has changed? In summary, the Privacy Act 1988 (Cth) was amended by the Rudd Government to make the following changes: • to consolidate and harmonise the privacy principles which apply to the private and public sectors. The new principles are called the “Australian Privacy Principles” (the APPs) and they will replace the “National Privacy Principles” which currently apply to businesses; • the APPs require businesses to be more transparent about how they collect, use and store individuals’ personal information. In particular, the APP7 imposes more rigorous laws around using personal information for direct marketing; • to implement a new credit reporting regime; • to enhance the investigative and enforcement Australian Information Commissioner (AIC); and • to impose civil penalties for a breach of the new privacy laws. powers of the What changes are relevant to business owners? Business owners need to be aware of the following changes: • APP 1 – management of personal information: this principle requires business owners to manage personal information in an open and transparent way. It means that busineses owners must update their privacy policies and procedures to comply with the APPs. It also means business owners must deal with privacy queries or complaints as they may arise; • APP 4 – dealing with unsolicited personal information: this principle requires business owners to implement a policy and procedure for dealing

        with unsolicited information. In particular, business owners are required to de-identify or destroy unsolicited personal information if they could not have collected that information in accordance with APP3; • APP 5 – notification of the collection of personal information: this principle imposes an obligation on business owners to notify individuals about the collection of their personal information. The timing and types of matters which must be notified to the individual is prescriptive; • APP 7 – direct marketing: this reform deals with the use and disclosure of personal information. Business owners must give individuals the ability to opt-out of direct marketing. Their request to do so must be actioned by the business within a reasonable time and at no cost. Additionally, business owners are not permitted to use sensitive information, such as health information, about an individual for marketing purposes without their prior consent; • APP 8 – cross-border disclosure of personal information: Business owners are required to inform individuals of the practical effect and the potential consequences of an individual giving their informed consent for offshore disclosure of their personal information; • Increased AIC powers – the AIC will have enhanced powers to investigate compliance with the new privacy laws. The AIC is also empowered to accept enforceable undertakings from a business or an individual if non-compliance with the APPs is established; and • Financial penalties – If the AIC determines that a business or an individual has breached those laws, then it is empowered to apply to the Federal Court for a civil penalty order for a serious and repeated interference with the privacy of an individual. The maximum penalty for a company is $1.7 million and $340,000 for an individual. What action should you take before 12 March 2014? We recommend that business owners do the following: • Appoint a Privacy Officer – If they have not done so already, business owners should appoint someone within their organisation to oversee their fund’s compliance with the Privacy Act; • Update your privacy policy – Business owners must update their privacy policy so that it complies with the information requirements of APP1.4; • Conduct a self-audit – Business owners should review their existing procedures to ensure that they are able to comply with the new APPs. In particular, business owners should work with their call centres, marketing and IT teams to ensure that adequate systems and procedures are in place to deal with collected unsolicited personal information, direct marketing activities and privacy complaints; and • Educate staff – Business owners should make their staff aware of the new privacy laws and the importance of protecting personal information; and  

      •   Review outsourcing arrangements – If any business owners have outsourcing arrangements which deal with personal information, then they should be checked to determine if they will comply with the new privacy laws. The bottom line Business owners cannot take a relaxed approach to the changes. The new privacy laws now have teeth as the regulator, the AIC, has investigative powers and the ability to seek enforceable undertakings and heavy fines of up to $1.7 million for companies. Additionally, business owners will appreciate that a breach of the privacy laws could cause them significant reputational damage. If you have any questions about the new privacy laws and how to comply with them, please do not hesitate to contact Marcus Connor on (02) 8076 6010 or by email (marcus.connor@c-legal.com.au). About the author Marcus Connor Marcus is a partner of Connor Stevens Lawyers. The firm specialises in corporate law and litigation. Marcus is an experienced corporate and commercial lawyer specialising in mergers and acquisitions, strategic commercial arrangements and compliance.  

Add a comment

Related presentations

Related pages

Countdown to the new privacy law regime - Connor Stevens ...

by Marcus Connor Business owners who have an annual turnover of more than $3 million have just a few weeks to ensure that they are compliant with the new ...
Read more

Countdown to The Introduction of The New Patent Box Regime ...

Countdown to The Introduction of The New ... From 1 April 2013, UK companies will be able to elect into a new regime that ... Related Sites MWE China Law ...
Read more

Countdown to new regime - Professional Adviser

Retirement Planner Forum & Awards 2016. Retirement Planner is committed to delivering best practice advise and discussion to our audience of professional ...
Read more

Countdown to a new health and safety regime - Lexology

Countdown to a new health and safety regime ... the event which triggered the largest rewrite of New Zealand’s health and safety law in 20 ... Privacy ...
Read more

Countdown to the PPSA reforms! - Online Legal Services ...

Countdown to the PPSA reforms! ... The new regime. ... Academic Marker, University of New England Law School.
Read more

Countdown to the new UK competition litigation regime ...

Countdown to the new UK competition litigation regime ... It's a good one stop solution where one is able to view the same law/cases from different ...
Read more

New tough privacy regime in the PhilippinesData Privacy ...

New tough privacy regime in the ... in the expansion of data privacy laws in the Asia Pacific region and ... A new national regulator for privacy.
Read more

Herbert Smith Freehills - Countdown to the new UK ...

State aid law; EU law and ... Countdown to the new UK competition litigation regime; Share. ... Countdown to the new UK competition litigation regime
Read more

New draft European data protection regime

New draft European data protection regime to apply also to all US ... establish a unified European data protection law. ... New privacy rights, including ...
Read more

Countdown To The CMA - Enterprise And Regulatory Reform ...

... Enterprise and Regulatory Reform Act 2013 is expected to herald the development of a more effective and efficient competition law regime ...
Read more