On March 12, the Government are changing the Privacy Act policies that affect your business – I can say that with some certainty as they’ll pretty much affect every business – particularly the way your business deals with your customers’ information.
The revised laws are to guarantee that all customer details are being used in a respectful and honest manner. When you purchase something online, you expect that your private details won’t be passed on to someone else, right? Well with these new laws, it’s now a legal requirement that you take more action to protect your customers details – even if you are doing the right thing.
Previously, businesses didn’t get fined for breaches of privacy but this isn’t the case anymore. Larger organisations can now be handed a $1.7 million dollar fine. So it’s best to get prepared for the change before the commissioner starts cracking down!
Who does the Act apply to?
This Act applies to large businesses that handle personal information as well as health service providers of any size. If you run a physical, emotional or spiritual health business, the new privacy Act and its principles apply to you!
The Act is also relevant to many small businesses that use personal information for direct marketing (especially if you outsource your marketing overseas). If your annual turnover is less than $3 million, you are most likely exempt from the law. But to be 100%, here’s a helpful checklist.
The Act is bringing in a new set of principles, known as APPs to crack down on how personal information is handled throughout Aussie businesses. There are 13 new principles to get your head around, 7 of which are targeted towards using personal information for direct marketing – an important one when it comes to your small business.
The changes are going to affect how your business can:
- handle and process personal information (including how easy you make it to unsubscribe)
- use personal information for direct marketing
- disclose personal information to people overseas.
What will happen if you don’t obey the new laws?
The Australian Information Commissioner has been given extra power that will have sharp teeth for any businesses that don’t comply with the new laws. The Ombudsman now has the ability to:
- seek civil penalties to those who breach the policy
- conduct assessments of privacy performance for agencies and businesses.
Preparing you business for Australia’s new Privacy Laws
1. Review your customer data
- What customer information does your business collect? For what purpose?
- Where is the information stored? Is it safe and protected?
- How do you communicate with your customers? Have you received permission to use their information?
2. Make a privacy plan
The most effective way to manage privacy is to appoint someone to take responsibility. You could take the role, give it to your office manager or someone else depending on the size of your business. Next step, know the principles – the most important step! Make sure the ‘privacy manager’ knows how to handle all information from the time you collect it to when you dispose of it.
Also, if your business collects and analyses customer information, you now have to inform your customers and give them the option to not participate – this is the same for testimonials. Just because they say something, doesn’t mean you can use it without asking.
4. Train your staff
It’s important that all of your staff members know what’s going on in privacy land. The APP guidelines recommend that businesses implement regular training on the changes and their effects on your business.
So there you have it, the basics you need to know for this week’s change. For more information, visit the Australia Information Commissioner website. If we can help set you up so that your business meets Australia’s new Privacy Laws and principles with regard to your EDMs or electronic mailers, we’d be delighted to help. You can call us on (02) 9994 8005 or drop us a note here.