Office of the Australian Information Commissioner - Home

Australian Government - Office of the Australian Information Commissioner
Australian Government - Office of the Australian Information Commissioner

Main menu

10 top tips for good privacy practice for start-up businesses

Transcript

If you own or are creating a start-up business, it’s essential that you build privacy into your products and services from the beginning. To find out why, watch Privacy is important for start-up businesses.

Building in privacy should be easy to do.

To get you on the road to good privacy practice, use these 10 tips:

  1. Design your products or services to manage, minimise or eliminate privacy risks. Conducting a Privacy Impact Assessment will help you here.
  2. Develop a privacy policy and make it publicly available.
  3. Minimise your risk profile - don’t collect and keep personal information if de-identified data will do.
  4. If you need to collect personal information, where possible, collect it from people directly.
  5. When you collect personal information, tell people how and why you collect it, and who you will share it with.
  6. Get consent if you want to use or share someone’s information in a new way.
  7. Check the privacy practices of third parties or contractors that you share personal information with.
  8. Protect the information you hold from physical and digital security threats. Human error is a major cause of security breaches, so train your staff and contractors.
  9. Be prepared for a data breach. Create a data breach response plan.
  10. Practice good privacy governance. Your operational practices and procedures should support your privacy policy.

For more information on how to implement these tips visit us at oaic.gov.au/startups.