Privacy Act – Steering your Clients through these Hazardous Waters
Considering the hazards of data hacking and breach of privacy, it is a customer’s right that their privacy is respected as well as protected. For this particular purpose “The Privacy Act” is declared to order to provide clients the security they are expecting and need. The “Privacy Act of 1988” of Australian law implicated this security and protects the data of the individual. This act enables the individual to collect, use, store and disclosure of personal information as well as provides access to and correction of that information.
The Australian “Privacy Act” comprises of two major aspects which provide the desired protection to the customer’s information:
- 13 Australian Privacy Principles; they apply to the management of personal information of the individuals.
- credit reporting provisions; helps protect the credit-related personal information that credit providers are legalized to reveal to credit reporting bodies for enclosure on individuals’ credit reports.
Australian Privacy Principles and their function of protection
The basic 13 principles that are the building blocks and assurance of protection of privacy act that should be considered during the provision of the service are:
- Open and transparent management of personal information- ensure that APP entities manage the collected personal information in an open and clear way.
- Anonymity and pseudonym – individuals must have the option of not declaring their identity, or of using a pseudonym, when dealing with an APP entity.
- Collection of solicited personal information- this does not include sensitive information as it is not permitted by APP.
- Dealing with unsolicited personal information- confirmation of the collected information is determined if it’s not unsolicited.
- Notification of the collection of personal information- The individual is notified before or at time of collection of personal information.
- Use or disclosure of personal information- The individual is informed about the use and disclosure of the collected information and they agree to it. This is obligatory to every organization except for direct marketing purpose or by government organizations.
- Direct marketing- organization must not use or disclose the information for the purpose of direct marketing with exception of sensitive information.
- Cross-border disclosure of personal information- Before disclosure to an overseas person, APP entity must ensure the recipient doesn’t breach the APP regarding the information disclosed
- Adoption, use or disclosure of government related identifiers- Government related identifier is required or must be authorized by or under an Australian law or a court order.
- Quality of personal information- the collected personal information that the entity collects must be correct, full and latest.
- Security of personal information- the collected information must be protected from misuse, interference and loss, due to someone else using the info.
- Access to personal information- Access to the information must be provided on request of the individual.
- Correction of personal information- the entity holding information must ensure that the info should not be incorrect.
Credit Reporting Functions- A brief overview
Part IIIA of the Privacy Act controls the management of personal information about individuals’ activities in relation to consumer credit. This declares 3 aspects the information declared can be managed:
- The categories of personal information that credit providers can disclose to a credit reporting body, for the purpose of the collected information to be included in an individual’s credit report.
- To what entities the collected information is declared to.
- The basic purposes for which that information may be used.
Illegal Privacy Breach: File complaint under Australian Privacy Act 1988
According to the Privacy Act 1988 (Privacy Act) and Information Privacy Act 2014 an individual can file a complaint to the Office of the Australian Information Commissioner (OAIC) about the privacy breach of handling of your personal information by Australian and Norfolk Island government agencies and private sector organizations who are covered by the Privacy Act.
The simple procedure that can be executed by the individual are in order to file the complaint they should know that it is free to file a complaint against the accused entity. However, the individual does not require a lawyer but in case if they do decide to hire a lawyer, individual would be liable to pay for the lawyer themselves. The Office of Australian Information Commissioner investigates privacy complaints from individuals about Australian and Norfolk Island government agencies, and private sector organizations which are enlisted and influenced by the Privacy Act 1988. Though, the Privacy Act does not include or influence the state and territory government agencies, but the OAIC does investigate complaints about ACT public sector agencies under the Information Privacy Act 2014 (ACT).
Furthermore, the OAIC intends to resolve complaints as rapidly as it is possible. Although some complaints are resolved within the time of few weeks, but then more complex the complaints are, more time it may take to resolve them. Complaints filed are normally resolved through conciliation. The individual also possess the option to withdraw the complaint at any time.
This procedure would empower the clients and enable them to claim their rights in case of breach and protect their information according to Australian laws and regulations while they are provided with any accounting services, including Tax Return Melbourne.