The Privacy Act 1988 sets rules for businesses handling personal information. It also allows individuals to make a complaint if personal information is mishandled.
Some small businesses, including those that are non-profit bodies or unincorporated associations, need to comply with the Privacy Act.
Small businesses that collect personal information (other than their own employees’ information) may need to comply. Personal information is any information about an identifiable individual, e.g. a person’s name and address, marital status or income.
If your business has an annual turnover of more than $3 million or is a health service provider, the Privacy Act applies to your business.
More below.