In any business, one of the most important considerations is how to protect inside information. After all, it’s what keeps your business thriving. This is where privacy and confidentiality play a significant role. 

What Is The Difference Between Privacy And Confidentiality In Australia?

The main difference between privacy and confidentiality is the type of information each can protect. 

Privacy will protect personal information according to what the Privacy Act says; however, the protection provided by confidentiality depends on how you’ve defined it in your contract. So, generally speaking, they differ in the extent to which they protect different kinds of information. 

Since they’re defined differently, they may also be enforced differently. 

In this article, we’ll go through these differences in more detail and how you can include both privacy and confidentiality in your business relationships. 

What Is Privacy In Australia?

Privacy in Australia focuses on protecting people’s rights to their personal information, such as:

  • Names
  • Addresses
  • Phone numbers
  • Health information (there are additional regulations for businesses that handle people’s health information, so you may need a Health Service Provider Privacy Policy. If this is you, we’ve written more information to guide health service providers here.)

Businesses come across this kind of personal information every day, so it’s important that you understand your obligations around privacy. This is all governed by the Privacy Act 1988.

What Is The Privacy Act?

What distinguishes privacy from confidentiality is that privacy imposes obligations on parties based on what is in the Privacy Act. 

The Privacy Act will apply to any business with an annual turnover that exceeds $3 million; however, some exceptions apply (for example, if you handle health information, the Act may still apply to you). 

So, if the Act does apply to your business, you have to comply with your obligations. For example, it’s required that you have a Privacy Policy in place that tells customers how you will be handling their personal information. These responsibilities are all set out under the Australian Privacy Principles (we’ve written about this here). 

So, how is this different to confidentiality? 

What Is Confidential Information In Australia?

While privacy is governed by the Privacy Act, confidentiality isn’t covered by a specific law. Instead, it comes from common law. 

This just means how confidentiality is defined and enforced depends on how you set it out in your contract. There’s no specific legislation telling you how you need to do this.  However, most businesses have confidentiality clauses as it’s essential for protecting valuable business information. 

Also, confidential information is no longer confidential if it is in the public domain (this is different to privacy – personal information will still be protected by the Privacy Act even if it goes public). 

So, how do we know what is actually considered ‘confidential information’? 

Confidentiality Defined By You

As we mentioned, confidentiality is more flexible than your privacy obligations because you define it in your agreements. So, you can decide what is considered confidential. 

For example, your contract might define confidential information as including:

  • Any information that relates to the contract
  • Any information disclosed in the course of employment
  • Any information disclosed with the business’ clients

However, some things will not be considered confidential, such as:

  • Information already in the public domain
  • Information disclosed with written consent
  • Information disclosed for the provision of goods and services
  • Information disclosed to a professional advisor, like a lawyer
  • Information that needs to be disclosed because it is compelled by law

The key takeaway here is that confidentiality in Australia is not governed by specific legislation, so it’s important that you carefully draft an appropriate confidentiality clause that is suited to the needs of your business relationship (we’ll cover confidentiality clauses shortly). 

Confidentiality Defined By The Law

While you can choose how to define confidential information in your commercial agreements, common law also sets out confidentiality. In other words, you can still take legal action for a breach of confidence even where there is no contract and no confidentiality clause. 

However, there are certain requirements to establish this. For example, the information must not already be in the public domain, and its confidential nature needs to have been communicated to the relevant parties. 

The following types of information will generally be protected by confidentiality:

  • Trade Secrets – information that has significant value to the way a business runs or succeeds e.g. a recipe
  • Personal information e.g. home address, phone numbers

The way you enforce this will depend on what you say in your contract. So, how would you go about including this in your agreements?

Can You Write Privacy Or Confidentiality In A Contract?

Yes, you can include privacy and confidentiality clauses in your contracts with anyone who comes into contact with your business. This can mean employees, contractors and even clients. 

Do I Need A Privacy Clause?

A Privacy Clause is essential if the Privacy Act applies to you (along with a number of other obligations). However, even if it does not apply to you, it’s still something that most businesses do to protect personal information. In this day and age, lots of customers and clients are serious about the way businesses handle their data, so it’s good business practice to maintain transparency and trust in the way they collect information. 

A privacy clause should disclose how information will be handled in compliance with the Act, and how this would be enforced. 

This is quite different to a confidentiality clause, as the information to be protected and the way it is enforced are not governed by a specific Act. 

Do I Need A Confidentiality Clause?

Most businesses include a Confidentiality Clause in their agreements to protect inside information. For example, this could include:

  • Client details
  • Employee details
  • Trade secrets (e.g. a recipe)
  • Any information discussed with clients
  • How it will be enforced (e.g. injunction)
  • One-way vs mutual confidentiality 

It is essential that your contract covers confidentiality as it’s a highly competitive climate out there. Protecting your information gives you that competitive advantage and minimises the risk of losing information that is essential to your business’ success. 

You might include confidentiality as a standalone contract, such as a Non-Disclosure Agreement. Otherwise, you could simply insert a Confidentiality Clause in a larger contract, like your Employment Contract or Contractor Agreement.

Let’s say you run a small online fashion business, and you hire a contractor to design some of your email newsletters. You’d need to share some of the following things with them before they can get started on the project:

  • Business logo
  • Employee details (name, emails)
  • Behind-the-scenes photos
  • Details of how the clothing is made
  • Details about suppliers and materials used
  • Client information (e.g. testimonials)

This kind of information is valuable to a business and can be considered quite sensitive. So, you’d want to make sure it’s well protected when dealing with external parties. 

So, your best option is to insert a confidentiality clause (or a Non-Disclosure clause) in your Contractor Agreement. You can set out their obligation to not disclose any of the information they have access to for the duration of the arrangement, and the right for you to seek an injunction against them in case they breach this clause. 

Tip: you may want to have an IP Assignment Deed with your contractors. So, if they design or write something for you, this deed ensures that you retain legal ownership of that property. It also prevents them from distributing or selling that property to third parties. 

How Else Can I Maintain Confidentiality?

Maintaining confidentiality isn’t just in the way you manage your contracts. It’s always a good idea to have appropriate workplace policies in place, so employees are aware of what to do in case of a breach. 

For example, a good Workplace Policy will cover things like:

  • Where to keep highly sensitive information
  • How to manage passwords (you might have a certain system in place for this)
  • Steps to take in case sensitive information is lost/stolen (e.g. a Data Breach Response Plan)
  • Who has access to certain types of information 
  • Where to keep confidential documents 
  • When you should destroy confidential information

Confidentiality becomes even more significant if your business is online. So, it’s worth considering ways to Maintain A Strong Cyber Security System.  

Need Help?

Privacy and confidentiality are essential things to consider when running any business. However, setting it all up can be a tricky process if you’re not sure where to start. 

If you need help, Sprintlaw has a team of experienced lawyers who can help you sort out your legals. Whether it be a Privacy Policy or a Non-Disclosure Agreement, we can help you find the appropriate agreement that is suited to your unique business needs. 

You can reach out to us at or contact us on 1800 730 617 for an obligation-free chat.

About Sprintlaw

Sprintlaw's expert lawyers make legal services affordable and accessible for business owners. We're Australia's fastest growing law firm and operate entirely online.
