It has been almost three years since the Australian Privacy Principles (APPs) were introduced. At that time many organisations did a widespread review and update of their privacy policies and other key privacy documents and procedures. In a world where fast-evolving technologies regularly impact information collection practices, another review and update may well be (over)due.
Consumers are now more privacy-aware and discerning about who they provide their personal information to than they have ever been. Privacy breaches quickly become headline news and often have repercussions for organisations that fail to meet community expectations about how personal information should be managed.
In 2013, the Office of the Australian Information Commissioner’s (OAIC) privacy survey found that 60% of Australians have decided not to deal with a private company due to concerns as to how their personal information will be used. In light of high profile data breaches and the community response to the 2016 Census (both in terms of the privacy concerns and the website being taken off-line due to security concerns) even more people may avoid dealing with an organisation – Government or private sector – if they don’t trust it will handle their personal information appropriately.
Publicise the update
Update related documents
Privacy policies do not exist in a vacuum and are not the only documents you need to have in order to support privacy compliance. Make sure you also make corresponding and appropriate updates to your other internal and external privacy documents that address privacy and information management, such as your website terms and conditions, privacy collection statements and data breach response plans.
The content of this publication is for reference purposes only. It is current at the date of publication. This content does not constitute legal advice and should not be relied upon as such. Legal advice about your specific circumstances should always be obtained before taking any action based on this publication.