Julia’s tips on avoiding a privacy complaint.

Prepared by Julia Winzar

Individuals are becoming increasingly aware of their privacy rights and the privacy obligations that are imposed upon businesses.

Based on the OAIC’s latest annual report, 70% of all complaints received were in relation to the handling of the complainant’s personal information by a business. In particular:

  • the way in which the business has used or disclosed the personal information;
  • the actual collection or method of collection of the personal information;
  • the protections the business has in place to secure the personal information;
  • how a business has dealt with a request to access an individual’s personal information; and
  • the steps a business has taken to ensure the accuracy of personal information held by it.

It is important that businesses with privacy obligations ensure that they are clearly communicating to their customers the types of personal information they are collecting about the customer and the activities that they will use that personal information for. This is achieved by having an in-depth and tailored Privacy Policy available through your website. The Privacy Policy may also be supplemented by a privacy notice or consent where a customer may not expect their personal information to be used for a particular proposed purpose.

Businesses should also ensure they have detailed internal policies and procedures to enable them to deal with requests from customers to access or correct their personal information and ensure that personal information is kept safe. The key to successfully implementing these procedures is then to ensure staff members receive regular training on these policies.