Privacy is Important, Particularly for Business Owners
Privacy laws are important. Many business transactions rely on a business collecting and using customers’ personal information. Personal information is information or an opinion about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion. For example, this could include a person’s name, address, telephone number, email address etc. It is therefore critical for business owners to protect and respect the privacy of their customers and to take whatever steps are necessary to ensure that their customers feel that their privacy is protected and respected. This is the case regardless of whether there is a legal obligation to do so. Trust is the cornerstone of many business relationships.
Privacy Laws – The Privacy Act
The Privacy Act sets out rules with which many businesses must comply regarding the collection, use, storage and disclosure of personal information. The Privacy Act contains ten National Privacy Principles (NPPs), which regulate how businesses to which the Privacy Act applies must hand personal information. They cover topics such as collection, use, disclosure, storage and access relating to personal information. The Privacy Act has been reformed and as a consequence the NPPs will be replaced by new Australian Privacy Principles (APPs) from 12 March 2014. The Privacy Act applies to most private sector organisations (including non-profit organisations). However, it does not apply to small businesses, being businesses with annual turnover of less than $3 million, other than businesses that are related entities of larger businesses, health service providers, operate a residential tenancy database (for example, real estate agents), contractors to the Commonwealth and reporting entities for the purposes of anti-money laundering legislation. This means that most small businesses do not need to comply with the Privacy Act. However, for those that do the compliance requirements can be simple and inexpensive to manage, provided you are organised and act with common sense.
Some practical tips for small businesses to comply with the Privacy Act are:
- if you collect personal information from people, tell them that you are collecting it and what you are going to do with it;
- only use a person’s personal information for the purpose for which it was obtained;
- keep it safe and don’t share it with anyone else;
- enable people to ask what personal information you have about them and access it if they wish;
- be open and honest with customers about how you handle personal information;
- review your collection procedures from time to time to ensure that you are complying with your legal obligations.
Even if the Privacy Act does not apply to a business, small businesses can opt in to the Privacy Act. Many businesses do so as the NPPs provide a practical guide to businesses regarding dealing with customers’ personal information so that they can take the necessary steps to ensure that their customers feel that their privacy is protected and respected.
The benefits for a business of opting in or putting in place systems and processes so that they comply with the Privacy Act could far outweigh the risk to customer confidence and trust by not doing so. Of course, it depends on your business and customers, but at the very least you should consider how you can better deal with the personal information of your customers to instil confidence and trust in your business and business relationships. Speak with one of our experienced small business attorneys today to get a fixed-fee quote for advice.