What’s the Difference Between Personal and Sensitive Information?

< Back to Regulatory and Compliance
July 26, 2017 (Updated on May 1, 2020)

Technology plays an increasingly important role in our homes, businesses and personal devices. As a result, we are generating more personal data than ever before. As a business owner, you may value this data because it can allow you to better understand your client base. It can also be essential information to collect from your employees. However, strict laws apply to the collection, storage, and use of personal and sensitive information. If you collect data from your employees, it is important to understand exactly what type of information your business deals with. Understanding the difference between personal and sensitive information allows you to understand what your obligations are under Australian privacy laws. This article will explain the difference between personal and sensitive information.

Why is There a Distinction Between Personal and Sensitive Information?

Any organisation that collects, stores, uses or discloses personal and sensitive information has certain obligations under Australian privacy laws. However, these obligations are stricter in relation to sensitive information. This is because of how serious the effect of disclosing sensitive information may be on a person’s life. The nature of sensitive information means that if a business inappropriately handles that information, the person affected might suffer:

  • discrimination;
  • mistreatment;
  • humiliation; or
  • embarrassment.

Because of this, sensitive information attracts greater protection under privacy laws than personal information. Businesses that handle this type of information should be very careful.

What is Personal Information?

Personal information is a very broad term. Generally, it refers to any information or opinion about:

  • a particular individual; or
  • a person who could be easily identified

Even if this information or opinion is untrue or inaccurate, it may still be considered personal information under the law. The information also does not need to be in written form. Some examples of personal information include an individual’s:

  • name;
  • address;
  • phone number;
  • date of birth;
  • signature;
  • email address; and
  • bank account details.

What is Sensitive Information?

Sensitive information is a type of personal information. Unlike some personal information, however, sensitive information may result in discrimination or harm if it is mishandled. For example, sensitive information includes any information or opinion about an individual’s:

  • race or ethnic origin;
  • political opinions or membership of a political organisation;
  • religious beliefs and affiliations;
  • philosophical beliefs;
  • membership of a professional association or trade union;
  • sexual preferences and orientation;
  • criminal record;
  • health information;
  • genetic information; or
  • biometric information.

What Personal Information Do I Have About My Employees?

If your business has employees, you are likely to possess specific pieces of information that are considered personal information. For example, your business may possess details about an employee’s:

  • terms and conditions of employment;
  • personal and emergency contact details;
  • performance and conduct assessments;
  • hours of employment;
  • salary or wages;
  • membership of a professional or trade association (which is also sensitive information);
  • membership of a trade union (which is also sensitive information);
  • leave accrual and use; or
  • taxation, banking or superannuation details.

Once you have identified what personal information you currently have about your employees, you should ensure that you protect and organise this information correctly and securely.

Key Takeaways

It is important to understand what type of information your business collects and why your business collects it. Once you have a clear understanding of the information you are dealing with, you can review your obligations under Australian privacy laws relating how you store and protect the personal and sensitive information you collect. If you have any questions about how your business collects or uses employees’ information, contact LegalVision’s IT lawyers on 1300 544 755 or fill out the form on this page. 

About LegalVision: LegalVision is a tech-driven, full-service commercial law firm that uses technology to deliver a faster, better quality and more cost-effective client experience.

The majority of our clients are LVConnect members. By becoming a member, you can stay ahead of legal issues while staying on top of costs. For just $199 per month, membership unlocks unlimited lawyer consultations, faster turnaround times, free legal templates and members-only discounts.

Learn more about LVConnect

About Christopher Lichtenberg
(Read all articles by Christopher)
After graduating from a Bachelor of Laws/Bachelor of Arts (Italian) from the University of Wollongong, he worked as a graduate at Oracle. He has an interest in IT law, particularly with the regulations surrounding cloud computing services. In his spare time, Chris also volunteers with the Australian National Dance Association.
Need Legal Help? Get a Free Fixed-Fee Quote

If you would like to receive a free fixed-fee quote or get in touch with our team, fill out the form below.

Read other articles by Christopher
Tags
Our Awards
  • 2019 Top 25 Startups - LinkedIn 2019 Top 25 Startups - LinkedIn
  • 2019 NewLaw Firm of the Year - Australian Law Awards 2019 NewLaw Firm of the Year - Australian Law Awards
  • 2020 Fastest Growing Law Firm - Financial Times APAC 500 2020 Fastest Growing Law Firm - Financial Times APAC 500
  • 2020 AFR Fast 100 List - Australian Financial Review 2020 AFR Fast 100 List - Australian Financial Review
  • 2020 Law Firm of the Year Finalist - Australasian Law Awards 2020 Law Firm of the Year Finalist - Australasian Law Awards
  • Most Innovative Law Firm - 2019 Australasian Lawyer 2019 Most Innovative Firm - Australasian Lawyer