What should the ‘storage and security’ clause contain?
You should clearly set out what procedures have been put in place to safeguard and secure the personal information. This could be any physical, electronic or managerial procedures which prevent personal information from misuse, interference, loss and unauthorised access, modification and disclosure.
However, to protect your business, your lawyer should set out that, if information is transmitted over the Internet, this transmission cannot be guaranteed to be secure and that the transmission and exchange of information is carried out at the visitor’s own risk.
Failing to comply with the Privacy Act may result in fines of up to $1.7 million for companies, or $340,000 for entities that are not companies (including individuals) for serious or repeated breaches of the Privacy Act.