The collection of personal information is an important everyday task for many businesses. If done well, it can help businesses provide customers and clients with a high level of service. However, handling and managing personal information comes with responsibility, both under the Australian Privacy Act and to those whose information is being collected.  

The Australian Privacy Act regulates the collection, storage, use and disclosure of personal information. Personal information is information or an opinion about an identified (or reasonably identifiable) person. It includes information such as a person’s name, date of birth, email address and residential address.  

Not all businesses are required to comply with the Privacy Act. Those with an annual turnover of less than A$3m are excluded. However, compliance for others is a must, regardless of annual turnover.

For example, those who provide health services must comply. Health service providers include doctors, physiotherapists, chiropractors, dentists, naturopaths, hospitals, gyms, personal trainers, weight loss clinics, childcare centres, private schools and other tertiary educational institutions. Put simply, a health service provider is any organisation that provides services in relation to physical, emotional, psychological and mental health.

Not all businesses are required to comply with the Privacy Act. Those with an annual turnover of less than A$3m are excluded.

There are many other businesses and organisations that must comply with the Privacy Act. If you are not sure if your business or organisation is one of them, you can find out via the Office of the Australian Information Commissioner.  

Only a small number of businesses fall within the scope of the Privacy Act. But those who don’t may wish to commit to closely following the Australian Privacy Principles (APPs), which set out how a business or organisation must handle, use and manage personal information.

Top reasons for complying with the Privacy Act

There are a range of reasons why businesses should comply with the Privacy Act. Here are the top three.  

If you really want to benefit from an increase in consumer confidence, then consider voluntarily and formally opting into the Privacy Act.

1. The Act makes it mandatory for you to comply. If you fall within the scope of the Privacy Act, then you must comply. The Office of the Australian Information Commissioner may impose a range of penalties for non-compliance, including civil penalty orders.

2. Provide your customers and clients with confidence. To provide your customers and clients with confidence and surety. Give them your commitment to strong privacy practice to ensue them that their personal information will be treated in a professional and fair manner. Implement a privacy policy that states your commitment to privacy matters and set out the APPs and how you will follow them. A small investment may pay dividends. 

3. Reduce the potential for misuse of personal information within your business. Have a properly prepared privacy policy in place and ensure that all relevant personnel understand and follow it. This will reduce the likelihood of personal information being misused, inadvertently or otherwise. It may well prevent a privacy related disaster, which can often lead to reputational damage.

Trust and responsibility

Being trusted with personal information comes with responsibility and must be treated seriously. Having a properly prepared privacy policy in place is an excellent first step toward earning that trust.

But, if you really want to benefit from an increase in consumer confidence, then consider voluntarily and formally opting into the Privacy Act. It’s a free and simple process and may just be the completive edge that your business has been searching for.  

Find out more about Australian Privacy Awareness Week at the OAIC website.