Magazine article Journal of Banking and Financial Services , Vol. 116, No. 6
Australian businesses now have another Ten Commandments to follow--and we're not talking about murder or adultery. Rather, they're the ten national privacy principles (NPPs) attached to recently-enacted privacy rules.
The Privacy Amendment (Private Sector) Act came into force on December 21 last year. The legislation extends the power of the Privacy Act of 1988 and will apply to significant segments of the private sector.
The ten National Privacy Principles (NPPs) are at the core of the Act. They cover:
* how personal information is collected;
* the purposes for collecting that information;
* how accurate and up-to-date that information is;
* how securely that information is kept;
* the rights customers have to retrieve their own information;
* how this information is classified;
* customer's rights to remain partly identifiable in any transactions;
* how information flows from country to country; and
* how sensitive information can not be collected without consent.
Personal information can identify an individual. For example a driver's licence contains personal information in the form of name, address and date of birth.
Until now, the legislation has applied to all businesses with turnover of $3 million or more. However the legislation is also applicable to some organisations even if they have a lower turnover, such as providers of health services, direct marketing companies and contracted service providers for the Commonwealth. This month, the legislation will apply to all businesses, regardless of turnover.
The new privacy legislation will not apply to areas where there are already legal arrangements such as with medical records, banking records, legal records and employment records.
The new laws are significant because it is the first time Australians, as consumers of goods and services, have been protected by such comprehensive privacy laws.
Despite the compliance costs, the measures should be a boon for business, as they are part of an international initiative to standardise the way the world does business. There are now privacy laws in over 30 countries and in our own region this includes Japan, New Zealand, Hong Kong and Taiwan.
Privacy is good business. An American Express survey of 11,000 people in ten countries quoted 79 per cent citing privacy and security as a concern when involved in e-commerce transactions.
However, when it comes to complying with new legislation, Australia's track record is not so good. …