Misunderstandings over the obligation to protect people’s privacy can often lead to legal action when businesses make the wrong decision about their use of people’s personal information.

The Privacy Act 1988 (Cth) establishes National Privacy Principles that apply to all private sector organisations with an annual turnover of more than $3 million, health service providers, traders in personal information and contractors to the Australian Government.

The standards established in the National Privacy Principles include the restriction of collecting personal information only if it is necessary for the function or activity of the organisation, taking reasonable steps to protect the personal information via appropriate computer hardware and software systems for protection of data, and taking reasonable steps to ensure that personal information collected is accurate, complete and up-to-date.

The importance of these principles is illustrated in the case of T v Commonwealth Agency [2009], where a Commonwealth agency investigated the conduct of one of its employees via an examination of their use of work emails to send and receive inappropriate material and a report on their attendance. Upon an investigation by the Privacy Commissioner, it was found that, although the use of the employee’s emails was not a breach of privacy, the employee’s attendance record contained incorrect information. The agency had to amend the inaccuracy and compensate the employee.

If you need assistance in relation to any legal matters, please contact one of our friendly Gold Coast Lawyers today on 5563 8970.