When you have a business that needs to handle and/or store personal information from clients, it is essential to comply with the Privacy Act, known as the Australian Privacy Principles (APP). You may have a business website that handles customer credit card transactions that your digital agency has set up for you.
Even if you have as carpet cleaning business, having lawyers to help you will ensure your business is in compliance and they can also tell you if it is necessary for you to do so. Not all businesses need to.
This is just one of the many reasons it is wise to retain solicitors for your business. At least they will know all the details about your business and be able to give you the advice your need quickly.
Not all businesses need to know their clients personal information to conduct business. This personal information includes such things as…
- Telephone number
- Date of birth
- Medical records
- Bank account details
- Credit reports
- Tax file number information
Complying with the APP doesn’t mean that you cannot handle such information; it simply ensures you how your business – including your employees – should handle such information in order to keep it private.
In most cases when personal information is collected, it should only be used for the primary purpose it was collected for. However, there are some exceptions as follows: –
- If the individual has consented to its disclosure or use
- If the reason for the disclosure is related to the primary purpose of collection and the individual reasonably expects it to be used
- If the law requires the information
All personal information should be kept private by your business and destroyed when it is no longer needed. If it is not completely destroyed steps should be taken to de-identify it, so it cannot be related back to any specific individual.
As mentioned above, not all businesses need to comply with the APP. Generally speaking, a small business is one that has an annual turnover of less than 3 million dollars a year. If this applies to your business, you may not need to comply with the APP. However, it does not apply in all instances so it’s important to find out if your business is one of the exceptions.
Consulting with your lawyers is the best way to find out quickly and for sure whether you need to instigate any special measures in order to ensure the privacy of your clients. Training should be given to employees and a privacy officer appointed to check that everything needed is in place. In this way you can be sure your small business is in compliance and will not receive any penalties for non-compliance. In addition, when your clients know they can trust your business to keep their information confidential, they will be more likely to stay with you for longer.