This week is Privacy Awareness Week in Australia, an annual event that highlights the importance of protecting personal information. It is promoted by a forum of privacy authorities in the Asia Pacific region including our own Office of the Australian Information Commissioner (OAIC). This year’s focus is on ‘rebooting’ your privacy.
This year privacy is more relevant than ever, as the awareness week falls in the midst of the challenges presented by COVID-19 and the new ways in which businesses are required to utilise online platforms.
How can you ‘reboot your privacy’?
The shift to an online platform, whether it be regarding working from home, your online distribution centres, and other online platforms, means that they must be governed by strong privacy practice protocols and controls. Whilst we may all be somewhat used to working in different places, or remotely, Privacy Awareness Week is a good reminder to keep at front of mind, ensuring the security of our data and information.
It is important to keep in mind that the you must comply with the Privacy Act 1988, the Australian Privacy Principles and the Notifiable Data Breach Scheme. These regulate the management, storing, access and correction of personal information about individuals.
In order to do this, you must be aware of:
- Why are you collecting data?
- From whom are you collecting it?
- How are you using the data and does this use relate to the purpose you’ve collected it?
- Where is your data stored?
- How is your data protected?
- Who do you share data with and how do you ensure those third parties comply with their legal obligations?
- How do you ensure that data is accurate and up to date?
- How do you dispose of or delete data?
This may be a good time to:
- Check and update your privacy policies to include circumstances that may have arisen as a result of COVID-19;
- Create refreshers to employees on best practices to manage privacy policies; and
- Securely destroy or de identify personal information if it’s no longer needed for a legal purpose