What Does a Business Privacy Officer Do?

< Back to Data and Privacy
November 25, 2019

People are becoming more concerned about their privacy rights. As a result, your business needs to start taking greater care to ensure compliance with privacy law. Doing so will bolster both your employees’ and your customers’ confidence that you take their privacy seriously. One way to manage your obligations is to nominate a privacy officer. So, in this article we explore:

  • who a privacy officer is;
  • what their responsibilities are; and 
  • the benefits of having one in your business. 

What is a Privacy Officer? 

A privacy officer is an employee in your business, who is responsible for: 

  • ensuring privacy compliance; and
  • handling privacy-related enquiries. 

Your privacy officer should remain aware of recent privacy law developments and ensure that they implement any requirements. It is their responsibility to build a culture of privacy compliance within the organisation. 

Are Privacy Officers Mandatory?

Businesses do not need to have a privacy officer; only Australian Government agencies are required to have this role. Although many aspects of privacy compliance are not required by law, they are strongly recommended to demonstrate that you take privacy seriously. 

The Office of the Australian Information Commissioner (OAIC) recommends many practices for APP entities which promote compliance with the Australian Privacy Principles (APPs). An APP entity is one which: 

  • has an annual turnover of more than $3 million;
  • provides health services; or
  • buys, sells or otherwise trades in personal information.

One of the practices recommended for APP entities is nominating a Privacy Officer. If you have a large business, you may need to appoint multiple officers.

Privacy Officer Responsibilities 

You should clearly explain the role of a privacy officer to the employee who you appoint. Key responsibilities of a privacy officer may include:

  • implementing a Privacy Management Plan;
  • implementing a Data Breach Response Plan;
  • responding to data breaches (following your Data Breach Response Plan);
  • ensuring that your website’s privacy policy is up to date;
  • ensuring that your business complies with Australian privacy and data laws and regulations, and potentially overseas regulations such as the European Union’s General Data Protection Regulation (GDPR);
  • training other staff about recent privacy and data law updates;
  • recording what information your business collects and what you do with it; and
  • being the point of contact for other employees, customers or clients who have privacy-related questions or complaints.

Benefits of Having a Privacy Officer

Having a business privacy officer is not mandatory but it can be beneficial for a few reasons:

  • there is one person tasked with privacy compliance;
  • privacy complaints and questions are managed by one person to ensure consistency in answers and responses; and
  • it demonstrates a commitment to comply with the APPs. 

Key Takeaways

While it is not mandatory, your businesses would benefit from having a privacy officer. Above all, the role can:

  • promote privacy compliance within your business; and
  • streamline processes for dealing with privacy issues or complaints.

If you have any questions or would like advice on your obligations under the APPs, contact LegalVision’s privacy lawyers by calling 1300 544 755 or filling out the form on this page.

About LegalVision: LegalVision is a tech-driven, full-service commercial law firm that uses technology to deliver a faster, better quality and more cost-effective client experience.

The majority of our clients are LVConnect members. By becoming a member, you can stay ahead of legal issues while staying on top of costs. For just $199 per month, membership unlocks unlimited lawyer consultations, faster turnaround times, free legal templates and members-only discounts.

Learn more about LVConnect

Need Legal Help? Get a Free Fixed-Fee Quote

If you would like to receive a free fixed-fee quote or get in touch with our team, fill out the form below.

  • By submitting this form, you agree to receive emails from LegalVision and can unsubscribe at any time. See our full Privacy Policy.
  • This field is for validation purposes and should be left unchanged.
Read other articles by Jessica
Tags
Our Awards
  • 2019 Top 25 Startups - LinkedIn 2019 Top 25 Startups - LinkedIn
  • 2019 NewLaw Firm of the Year - Australian Law Awards 2019 NewLaw Firm of the Year - Australian Law Awards
  • 2020 Fastest Growing Law Firm - Financial Times APAC 500 2020 Fastest Growing Law Firm - Financial Times APAC 500
  • 2020 AFR Fast 100 List - Australian Financial Review 2020 AFR Fast 100 List - Australian Financial Review
  • 2020 Law Firm of the Year Finalist - Australasian Law Awards 2020 Law Firm of the Year Finalist - Australasian Law Awards
  • Most Innovative Law Firm - 2019 Australasian Lawyer 2019 Most Innovative Firm - Australasian Lawyer
Privacy Policy Snapshot

We collect and store information about you. Let us explain why we do this.

What information do you collect?

We collect a range of data about you, including your contact details, legal issues and data on how you use our website.

How do you collect information?

We collect information over the phone, by email and through our website.

What do you do with this information?

We store and use your information to deliver you better legal services. This mostly involves communicating with you, marketing to you and occasionally sharing your information with our partners.

How do I contact you?

You can always see what data you’ve stored with us.

Questions, comments or complaints? Reach out on 1300 544 755 or email us at info@legalvision.com.au

View Privacy Policy