The Australian Privacy Principles (APP)
The Australian Privacy Principles (APPs) are contained in schedule 1 of the Privacy Act 1988 (Cth) (Privacy Act). The APPs outline how “APP entities” must handle, use and manage personal information.
Legal practitioners need to be aware that the APPs are not prescriptive. Each APP entity has to consider and determine how the principles apply to its own situation.
The Guidance Note lists the APPs, and provide legal practitioners with examples of how an APP entity could address the requirements of each APP. For the full text of the APPs, legal practitioners can gain access via OAIC’s webpage “Privacy fact sheet 17: Australian Privacy Principles” (https://www.oaic.gov.au/individuals/privacy-fact-sheets/general/privacy-fact-sheet-17-australian-privacy-principles). …show more content…
An APP entity should also take reasonable steps to ensure a customer is aware of the APP entity’s access, correction and complaints processes relating to personal information.
APP 6 — Use or disclosure of personal information
An APP entity should also make it clear as to the types of organisations to which it is likely to disclose information about a customer. This may include the APP entity’s insurers and organisations that provide services to the APP entity, such as mail houses, printers, debt recovery agencies, website usage analysis services, and marketing …show more content…
It should provide for the ability to respond to the request within a reasonable period. Generally, an APP entity should take reasonable steps to correct personal information of customers to ensure that, having regard to a purpose for which it is held, it is accurate.
Again, if the APP entity decides not to give make a correction, it should provide reasons for the refusal and information on how the customer can complain about the refusal.
Useful tools for legal practitioners
OAIC’s APP guidelines (https://www.oaic.gov.au/agencies-and-organisations/app-guidelines/) is a useful tool for legal practitioners because (among other things) they outline the mandatory requirements of the APPs and how OAIC will interpret the APPs. Importantly, legal practitioners will find information on what OAIC may take into account when exercising its functions and powers under the Privacy Act.
When using OAIC’s APP guidelines, it would be advisable for legal practitioners to also refer to the full text of the APPs, available on OAIC’s webpage “Privacy fact sheet 17: Australian Privacy Principles”