Everything is in the cloud now (as the saying goes). Technology is a huge part of a business operations, whether it be email communication with staff and customers, the use of cloud-based software, or marketing through social media platforms, there is now a huge potential for a business owner to unknowingly breach their obligations under the Privacy Act.
Non-compliance with the Privacy Act can have serious repercussions for business owners, so you should keep abreast of any changes to your obligations under it.
A new set of changes to the Act came into effect earlier this year that directly affect business owners. The most significant of these changes include:
- The replacement of the National Privacy Principles by the Australian Privacy Principles (APPs);
- The enhancement of the Australian Information Commissioner’s powers, including:
- the power to take court-enforceable undertakings from organisations in relation to privacy matters;
- the ability to attach civil penalty orders for serious or repeated breaches of the Privacy Act, which could see individuals facing fines of up to $340,000 and corporations up to $1,700,000; and
- The enhanced requirement for disclosure of transferring personal information outside of Australia. For example though the use of; accounting software, Gmail, Hotmail and data storage services like Dropbox.
What this means for business owners is that they should review and update compliance policies and terms of business to reflect the changes.