The Office of the Australian Information Commissioner (OAIC) recently began enforcing some significant changes to the Privacy Act 1988 (Privacy Act). These changes were introduced with the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Privacy Amendment Act) which came into effect on 12 March 2014.
The Privacy Regulation 2013, made under the Privacy Act, also commenced on 12 March 2014.
What do the new changes mean for business?
The new amendments include the introduction of a set of 13 harmonised privacy principles, called the Australian Privacy Principles (APP's). These principles replace previous principles and apply to all Australian organsiations with revenues of $3 million or more.
In the age of Cloud Techology and Big Data, measures to protect individuals and organisations from Privacy and Data Security breaches are being taken very seriously. The Privacy Act 1988 prescribes severe penalties for 'Serious and Repeated Interferences with Privacy' which may result in criminal prosecution and/or civil penalties being imposed of up to:
- $340,000 for individuals, and
- $1,700,000 for public and private organisations
Incorrect disposal of IT equipment and data storage media is a primary source of data and privacy breaches all around the world.