Design your products or services to minimise, manage or eliminate privacy risks
Adopting a privacy by design approach is the most efficient and effective way to protect privacy. You need to think about privacy from the beginning – it’s more costly and burdensome to do it later. See Australian Privacy Principle (APP) 1 (1.2).
Being open and transparent about how you handle personal information is essential for consumer trust.
Collect and retain de-identified data where possible
Consider whether you could collect de-identified information instead of personal information. Personal information is ‘de-identified’ if the information is no longer about an identifiable individual or an individual who is reasonably identifiable. It involves removing or altering information that identifies an individual or is reasonably likely to do so. For more information, see De-identification and the Privacy Act.
If you do need to collect information that could identify individuals (for example, because a law says you have to), minimise the amount you collect to what you actually need for your business, and de-identify or destroy it when you no longer need it. You should also consider the risk that de-identified information will be re-identified if it is going to be integrated with other data sets, or shared with third parties. See APP3 (3.2) and APP11 (11.3).
Get the individual’s consent for new uses and sharing of personal information
Only use or disclose personal information for the purpose you collected it, or for a related purpose that the individual would expect. See APP6.
If you want to use personal information you have collected for an unrelated purpose, it’s best practice to get the individual’s consent or de-identify the information.
Check the privacy practices of third parties with which you share personal information
If a third party mishandles data you gave it, you may still bear the commercial and reputational damage. Before sharing data, make sure your commercial arrangements (such as a contract) cover how personal information will be handled. This is particularly important if the third party is located offshore. See APP8.
For more information, see Sending Personal Information Overseas.
Collect personal information directly
Collect information lawfully and fairly. Collect information and any consent you need directly from the individual, unless it is unreasonable or impractical to do so. See APP3 (3.5 and 3.6).
Notify individuals when you collect their personal information
When you collect personal information about individuals, notify them or make them aware of the collection (ideally beforehand). Notification should include how and why the information is collected, and who the information may be disclosed to. See APP5.
Protect the personal information you hold
Analyse the potential physical and digital threats to the security of the personal information you hold, and take steps to mitigate these threats. This may include (but is not limited to) implementing software and network security, access controls, and password management. Human error is a large source of security breaches so you also need to ensure your staff are adequately trained.
For more information, see our Guide to Securing Personal Information.
Be prepared for a data breach
Once your products or services go live, have a data breach response plan in place. Where there is a risk of serious harm to the people whose personal information has been compromised, consider notifying affected individuals and the OAIC.
For more information, see our Data Breach Preparation and Response Guide.
Practice good privacy governance
Implement operational practices and procedures that support your privacy policies. Our Privacy Management Framework provides advice on how businesses can implement good privacy practices in their day-to-day operations. See APP1 (1.2).