Privacy Awareness Week: It’s In Your Hands

< Back to E-Commerce
May 18, 2016

Privacy Awareness Week is upon us, from the 15th-21st of May 2016. This week serves as an important reminder to businesses, organisations, enterprises and individuals that they must control the management of private information and prioritise maintaining the best practice of handling personal information. The theme of this year’s Privacy Awareness Week is “Privacy in your hands”, speaking to businesses taking ownership of how they handle a client’s personal information. How can your business remain compliant when managing personal information where technology advancements require constant re-evaluation of privacy management. Below we set out four tips on how you can protect your client database and other sensitive information.

1. Planning and Governance

The duty of privacy management should form part of the strategic planning of any organisation. Businesses should manage privacy within all projects, products and practices. It’s important to consider the following tips to ensure that you are compliant with the Privacy Act 1988 (Privacy Act) and Australian Privacy Principles.

  • Which employee is responsible for privacy planning?
  • Plan for privacy for upcoming projects.
  • Do you have a privacy policy in place? This should be displayed on your website and communicated to staff and clients.
  • Be selective about the information you need to collect and when and how it should be accessed.
  • Keep all personal information secure.
  • Have a data breach response plan in place. This is where personal information held is lost or stolen.  

2. Strong Privacy Policy

As a corporation, it is important to understand your rights and responsibilities under the Privacy Act. A comprehensive privacy policy for your business compliant with the Act will convey to your business and clients that you prioritise privacy and create trust. A business’ website typically displays their privacy policy and will include: 

  • What personal information you will collect from your clients; 
  • How your business will use personal information; 
  • How and when you will collect and disclose personal information;
  • How you will store personal information;
  • Acknowledge the rights of your customers to access their personal information; and
  • Describe what happens if the information collected is no longer accurate.

3. Internal Privacy Policy

Privacy Week is the opportune time to communicate to your staff how they handle personal business and client information. Ensure employment and contractor agreements have a privacy clause so that employees don’t misuse or disclose staff, client information and trade secrets after employment has ceased. This is careful planning and should rest with your human resources representative.

4. Data Breach Plan

Data breaches are becoming increasingly common in this technology age. Your business’ greatest asset is your client database so it’s important to have an action procedure in place should a data breach occur. As data breaches cannot be predicted there are four key steps to managing a breach: 

  1. Contain the breach: This may involve closing or shutting down the system to prevent further records from being misused.
  2. Determine the risk of the breach: What information has been compromised? Who does this breach affect?
  3. Notify: Determine if individuals require notification, to prevent serious harm to the individual. This includes reporting to the authorities and agencies to which the information has a direct relationship.
  4. Prevent future breaches: As a result of a direct breach, there should be a review of policies and procedure to staff and a security audit of data.

4. Responsibility of Clients

Individuals and clients must also be aware of their privacy choices. It’s important to understand your rights and the choice to share your personal information. It is important to make an informed decision when sharing information and read the privacy policy available. A privacy policy will communicate to clients how a business will use your information and how to rescind the right to use your personal information.

Key Takeaways

Maintaining the privacy of sensitive information is valuable to a corporation and an individual. It’s important to protect your business with a privacy policy, compliant with the Privacy Act and the Australian Privacy Principles. Privacy Awareness Week provides your business with the chance to reflect and ensure you are handling your client’s sensitive personal information responsibly. Make sure you are well equipped to handle sensitive information within your business. If you have any questions, get in touch with our IT lawyers on 1300 544 755. 

Sophie Glover

About Sophie Glover

(Read all articles by Sophie)

Sophie is a Lawyer and Legal Project Manager at LegalVision.  Sophie has experience in the tech startup sphere and loves helping innovative ideas evolve into fully fledged businesses.  She has experience at the Public Interest and Advocacy Centre and in IP law.  Sophie has a Bachelor of Medical Science, Juris Doctor and is particularly interested in Biotechnology and E-Commerce.

Ask Sophie a Question

If you would like further information on any of the topics mentioned in this article, please get in touch using the form on this page.

Tags