
Keeping things private – a guide to privacy compliance

It’s weird, isn’t it, how keeping personal information private requires transparency. Who knew?

Here’s a fun fact: Privacy Awareness Week (“PAW”) will be held this year from Monday 6 May 2024 until Sunday 12 May 2024. “Is this important?” we hear you ask, and “Why should I care?”

Here’s a fun answer: You bet it’s important, especially in this age of AI, technology, and accountability. You should care deeply: a breach of privacy can quite simply destroy your business. On top of the financial penalties (up to $50 million for a corporation), the reputational damage from a breach of trust can also be significant. Nobody wants to do business with a party that cannot be trusted to care about them or their personal information.

Remember these words...

There’s a saying among professional service organisations that can be applied to any business, and explains what your customers want and why your customers will keep coming back: “I don’t care how much you know… until I know how much you care”.

Simple words, powerful message. Privacy is so much more than regulatory compliance. When you are in possession of a person’s personal information, you have obligations as set out in the Privacy Act 1988. The OAIC website has detailed information on the current state of play.

What's on the horizon?

In September 2023, the Federal Government responded to the Attorney-General’s Privacy Act Review Report of February 2023 (a seven-month response time is very prompt). The result can be summarised as:

  1. 38 of 116 proposals were accepted by the Government.
  2. 68 were accepted in principle, subject to further enquiry.
  3. Major areas that will be legislated in 2024 include further enforcement powers for the OAIC, a Children’s Online Privacy Code, increased data destruction and security measures for personal information, and a requirement that privacy policies address automated decision making that affects personal information.

The OAIC Response

The OAIC welcomed the response and Commissioner Falk said:

“This is the most significant change to the Privacy Act in decades and will require organisations to ensure that their practices are fair and reasonable in the first place. This will provide confidence to the Australian community that like a safety standard, privacy must be built into products and services from start.”

What can I do now?

Stand by for more laws that will require you to amend your privacy policy and procedure process. Don’t view this as yet more regulation, but as an opportunity to refresh your approach to privacy generally, and an opportunity to get the whole business and team on board to show your customers that you really do care.

Not just words but action: become your customer’s advocate. If you would not accept how your business treats personal information, then why should your customers feel any different?

How do I know if what I am doing is correct?

If your turnover is more than $3 million per year, you’re required to have a privacy policy. You’re probably also collecting and using a lot of personal information for the purposes of assessing risk and onboarding customers. Have a look at our privacy policy checklist here to make sure you are collecting, protecting and using your customer’s information in the right way.


This article is designed and intended to provide general information in summary form. The contents of this article do not constitute legal advice, are not intended to be a substitute for legal advice and should not be relied upon as legal advice. Please seek legal advice about your specific circumstances.

Natalie Ledlin
Principal Lawyer
Natalie is Principal Lawyer at FCW Lawyers. With a double degree in law and psychology, she understands the science behind human behaviour. She knows that soft skills can often be the real way to achieve great results for clients. Whether you call it emotional intelligence, empathy or just plain gut feel, Natalie has it in spades – which is invaluable when she’s negotiating outcomes for clients and conducting commercial litigation.