|
The Privacy Act 1993 follows various guidelines issued by the ACED for the
protection of privacy and the regulation of trans-border flows of personal data.
The scheme of the Act is to lay down 12 “privacy principles” including
some which permit correction of information and prohibiting the passing on of information.
The Privacy Commissioner is empowered under the Act
to set Codes of Practice which may make the Statutory Rules under the Act more stringent
or less stringent. This is especially so in relation to any particular class or
classes of information or in respect of any particular industries or activity.
Under the Act, aggrieved persons are entitled to complain to the Privacy Commissioner.
Proceedings can also be brought before the Human Rights Tribunal. The Tribunal has
power to award damages (including for emotional harm) to unlimited amounts.
Failure to comply with the Act can result in your business having to deal with
time-consuming complaints, whether directly from an aggrieved individual or from
the Privacy Commissioner or in front of the Human Rights Review Tribunal.
Your business needs to ensure that it has in place proper procedures which
ensure personal information is properly collected,
stored and not misused and the Act complied with.
Lessons
Lesson 1 > Introduction to the Privacy Act 1993
Lesson 2 > Use of Personal Information
Lesson 3 > Requests to Access and Correct Personal Information
Lesson 4 > Holding Personal Information
Lesson 5 > Collection of Personal Information
|
