In any business, one of the most important considerations is how to protect inside information. After all, it’s what keeps your business thriving. This is where privacy and confidentiality play a significant role.
What Is The Difference Between Privacy And Confidentiality In Australia?
The main difference between privacy and confidentiality is the type of information each protects.
Privacy safeguards personal information as mandated by legislation such as the Privacy Act 1988, while confidentiality’s protection is determined by how you’ve defined it in your contracts or internal policies. In essence, they differ in the extent and context in which they protect various types of information.
Since these concepts are defined and enforced in different ways, the remedies available also vary. It’s vital to understand these nuances to ensure you’re legally protected in your business dealings.
In this article, we’ll explore these differences in more detail and explain how you can integrate both privacy and confidentiality measures into your business relationships. For further insights on legal compliance, you might also want to check our Legal Requirements for Starting a Business guide.
What Is Privacy In Australia?
Privacy in Australia focuses on protecting people’s rights to their personal information, such as:
- Names
- Addresses
- Phone numbers
- Health information (if your business handles such data, you may need a Health Service Provider Privacy Policy – see our detailed guide here)
Businesses encounter personal information every day, so it’s essential to understand your obligations. These requirements are governed by the Privacy Act 1988, which remains a cornerstone of privacy law in Australia in 2025.
What Is The Privacy Act?
What distinguishes privacy from confidentiality is that privacy imposes obligations on businesses based on legislation. As of 2025, the Privacy Act continues to apply to any business with an annual turnover exceeding $3 million – although certain exceptions exist (for example, businesses that handle health information are often still subject to the Act regardless of turnover).
If the Privacy Act applies to your business, you must comply with its requirements. This includes having a Privacy Policy in place that clearly explains how you handle personal information. These obligations are detailed under the Australian Privacy Principles (for a comprehensive breakdown, see our article on 13 Australian Privacy Principles).
So, how does this differ from confidentiality?
What Is Confidential Information In Australia?
While privacy is governed by the Privacy Act, confidentiality is not covered by any specific legislation. Instead, its protection arises from common law principles and the specific terms you set out in your contracts.
This means that the way confidentiality is defined and enforced depends largely on the language of your agreements. Without a well-drafted confidentiality clause, your ability to protect sensitive business information may be limited. It’s also important to note that information which has entered the public domain loses its confidential status, unlike personal information, which may still be protected under the Privacy Act even if made public.
So, how do we determine what constitutes ‘confidential information’?
Confidentiality Defined By You
Confidentiality is considerably more flexible than privacy obligations because you have the freedom to define it in your contracts. For instance, your agreement might specify that confidential information includes:
- Any information that relates directly to the contract
- Information disclosed during employment or in the course of business operations
- Details shared with clients or external partners
However, certain information is typically excluded from confidentiality, such as:
- Information already available in the public domain
- Information disclosed with prior written consent
- Information provided as part of the normal provision of goods or services
- Information shared with a professional advisor, such as a lawyer
- Information that must be disclosed to comply with legal obligations
The key takeaway here is that since confidentiality in Australia isn’t governed by specific legislation, it is crucial to draft a robust confidentiality clause tailored to your business needs. For more information on crafting effective clauses, read our piece on What Is a Confidentiality Clause?.
Confidentiality Defined By The Law
Although you have the flexibility to define confidentiality in your agreements, common law also provides a level of protection. This means you can potentially pursue legal action for a breach of confidence even in the absence of a contractual clause, provided that the confidential nature of the information was clearly established and communicated.
Typically, the following types of information are protected under common law confidentiality principles:
- Trade secrets – such as proprietary recipes or unique business methods
- Personal information (for example, home addresses or phone numbers)
How you enforce confidentiality will depend entirely on your contract’s language. So, how can you include these measures in your agreements?
Can You Write Privacy Or Confidentiality In A Contract?
Yes, you can and should include both privacy and confidentiality clauses in your contracts with employees, contractors, clients, and any other parties that may come into contact with your business information.
Do I Need A Privacy Clause?
A Privacy Clause is essential if the Privacy Act applies to you. Even if it doesn’t legally bind you, incorporating one is good practice to protect personal information. In today’s data-driven world, customers and clients expect transparency. Your privacy clause should clearly state how information will be managed in accordance with the Act and how those standards will be enforced.
Do I Need A Confidentiality Clause?
Most businesses include a Confidentiality Clause in their agreements to safeguard sensitive information such as:
- Client details
- Employee information
- Trade secrets (e.g. a unique recipe or proprietary process)
- Any information exchanged with clients
- Enforcement mechanisms, such as the right to seek injunctions
- One-way vs mutual confidentiality
It is crucial that your contracts properly cover confidentiality, especially in such a competitive business environment. Protecting your information not only secures your competitive advantage but also minimises the risk of sensitive data being misused. You might opt for a standalone document, such as a Non-Disclosure Agreement, or simply include a confidentiality clause within larger agreements such as an Employment Contract or a Contractor Agreement.
Example
Let’s say you run a small online fashion business and hire a contractor to design your email newsletters. To kick off the project, you’d share sensitive details such as:
- Business logo
- Employee details (name, email addresses)
- Behind-the-scenes photos
- Details of production processes, including how clothing is made and information about suppliers and materials
- Client information (e.g. testimonials)
This information is valuable and sensitive. To safeguard it, you would include a confidentiality clause (or a Non-Disclosure clause) in your Contractor Agreement, outlining that the contractor must not disclose any of the shared information and that you reserve the right to seek an injunction if a breach occurs.
Tip: Consider also having an IP Assignment Deed with your contractors, ensuring that any designs or written materials created become your legal property and are not distributed or sold to third parties.
How Else Can I Maintain Confidentiality?
Maintaining confidentiality goes beyond just drafting solid contracts. It’s equally important to have workplace policies that educate employees on how to handle sensitive information. For instance, a comprehensive Workplace Policy might cover:
- Secure storage practices for highly sensitive information
- Management of passwords and access controls
- Clear steps to follow if sensitive information is lost or stolen (for example, implementing a Data Breach Response Plan)
- Identification of who has access to various types of information
- Guidelines on securing and eventually destroying confidential documents
- Regular training and updates on confidentiality and data protection practices
In 2025, with the increasing reliance on digital platforms, it is more important than ever to review your confidentiality measures regularly. Ensure that your IT systems are updated in line with the latest cyber security standards – for example, our Cyber Security Legal Issues article offers up-to-date advice on this front.
Need Help?
Privacy and confidentiality are critical components of your business’s legal framework, but setting these up can be complex if you’re uncertain where to begin.
Sprintlaw’s team of experienced lawyers is here to assist you with everything from drafting a comprehensive Privacy Policy to preparing a robust Non-Disclosure Agreement that meets your unique needs. We can also help ensure your Employment Contracts and Contractor Agreements adequately protect your confidential business information.
You can reach out to us at team@sprintlaw.com.au or call us on 1800 730 617 for an obligation‐free chat.