- The types of personal information collected
- The purposes of collection
- How the information is collected and held
- The ways in which the information is used and disclosed
- The process for an individual to access and correct their personal information
- How an individual may complain about a breach of the APPs and how the complaint will be handled
- Whether the personal information is likely to be disclosed to overseas recipients
Creating this document is not only a compliance measure but also a trust-building tool that assures your clients and site visitors that their data is handled with the utmost care and respect.
Employee Privacy Manual: A Dual-Purpose Guide
For internal purposes, an employee privacy manual should exist as a distinct document. This internal policy should elaborate on how your firm processes and safeguards the personal and sensitive information of your employees in line with the APPs and the Fair Work Act 2009 (Cth), ensuring workplace rights and privacy are respected.
Additionally, this manual must provide explicit guidance to your employees regarding the handling of client information. This should cover:
- Secure handling and processing of client information
- Access controls and authorizations
- Protocols for the storage, transfer, and destruction of sensitive data
- Obligations under the Privacy Act 1988 (Cth) and other relevant legislation like the Notifiable Data Breaches (NDB) scheme
- Employee training programs on privacy and data security
- Reporting structures for potential privacy issues or breaches
- Regular updates in line with changes in privacy law and technology
Both documents should be living documents, subject to regular review and updates to reflect changes in legislation, such as amendments to the Privacy Act or new rulings related to data protection and employee rights.
Ensuring these policies are well-documented, accessible, and communicated will help maintain transparency with your clients, fulfill legal obligations, and safeguard your firm’s integrity in the handling of sensitive data.
Need Legal Help?
Enter your details to get started