Free HR Services from our Employee Relations Experts. Find out more.

Our Business Services

Chamber of Commerce & Industry WA

With over 130 years of experience representing WA businesses, we’re ready to help with the resources and advice you need to succeed.

Employee Relations Helpline

Employee Relations Helpline

Get timely, reliable and practical employee relations advice on employment laws, the awards system and other human resource matters. CCIWA Members get unlimited access.

Legal Services

Legal Services

Our team of experienced, client-focused business lawyers offer a full range of Commercial Law & Employment Law services for all your essential legal needs.

Accounting & Taxation Services

Optima Partners and CCIWA

Innovative and personalised accounting, taxation and business advisory services that focus on delivering the best results to help your business grow.

Workplace Health & Safety Services

Workplace Health & Safety Services

Unlock the potential of your business with our suite of staff training and development programs, crafted by workplace relations experts and tailored to your business needs.

Construction & Mining IR Services

Construction & Mining IR Services

We offer extensive, independent and practical industrial and labour relations support to the engineering, construction and mining industries.

Workplace Training & Development

Workplace Training & Development

Unlock the potential of your business with our suite of staff training and development programs, crafted by workplace relations experts and tailored to your business needs.

Apprenticeship Support Australia WA

Apprenticeship Support Australia WA

Our dedicated team specialises in assisting employers maximise the benefits of investing in apprenticeships and traineeships to build local skills for the diverse WA workforce. Our team of experts will provide all the advice, support and services you need — free of charge.

Work Integrated Learning – Internships

Work Integrated Learning - Internships

Tap into WA’s future workforce with our Work Integrated Learning – Internships program. This free service facilitates university student work experience placements for your business.

Industry Capability Network WA

Industry Capability Network WA

Connecting your business with mining, construction, infrastructure, defence and other major projects using the ICN Gateway.

International Trade Services

International Trade Services

Take your business global using our comprehensive suite of international trade services to streamline importing and exporting, reduce risks and identify international partners.

You have one free articles for this month. Sign up for a CCIWA Membership for unlimited access.

Privacy Act changes explained

By Beatrice Thomas

A proposed overhaul of the Federal Privacy Act would represent a major shift in how organisations collect, use and manage data. We explain how this could affect you. 

data privacy

 Why is reform now required? 

Since the commencement of the Privacy Act in 1988, access to the internet has meant personal or sensitive data is now systematically collected by third parties. 

“Privacy was traditionally an individual concern, but with the rapid pace of technology, and the increased volume of sensitive and personal data held by third parties, it's become a social governance consideration,” says Cass Wright, CCIWA Director Commercial Legal. 

“We can see that breaches of privacy are corrosive for trust and public perception and social licence, and so it's obvious that regulation must keep pace with technological advancements.” 

What are the proposed changes to the Privacy Act? 

Following a two-year review, the Privacy Act Review Report comprised 116 recommendations. Of those the Federal Government last year agreed to 38 of the proposals and agreed in principle to a further 68. These include: 

  • An entity must take reasonable steps to keep personal information secure, and reasonable steps to destroy and de-identify personal information. 
  • Privacy policies should outline what personal information is used in automated decisions that affect individual rights. 
  • The definition of consent for obtaining sensitive data from an individual is changed from “expressed or implied” to “voluntary, informed, current, specific and unambiguous”. 
  • Organisations must carry out a privacy impact assessment before commencing high-risk activity that is “likely to have a significant impact on the privacy of individuals”. 
  • For businesses working with children, an online privacy code should be developed and applied to online services likely to be accessible by children. 
  • The establishment of low, mid and serious penalty tiers to strengthen enforcement. 
  • The Information Commissioner should be provided with additional powers for investigations of civil penalty, and to undertake public inquiries and reviews into specified matters on the approval and direction of the Attorney-General. 

 “The proposals are now subject to further engagement, including a comprehensive impact analysis,” says Wright. 

“This is to ensure the right balance between the privacy of individuals and the burden on businesses and also to understand the appropriate adjustments before the Government makes a final decision on the implementation of the proposals.”

Removing the Small Business Exemption 

As part of the proposed reforms, the Government has agreed in principle to the removal of the Small Business Exemption, where businesses with an annual turnover of $3 million or less are exempt from the Privacy Act. 

An impact analysis will better determine what impact this will have on small businesses and what support they require to adjust their privacy practices to facilitate compliance with the Act. 

Managing employee records 

Wright says the most contentious of the proposed changes involves managing employee records. 

“At present employee records of current or former private sector employees are exempt from the Privacy Act,” she says. 

“The original rationale for this exemption was that employee privacy was better regulated under workplace relation laws.” 

However, Wright says further consultation will be undertaken with employees and employer representatives on how enhanced privacy protections for the private sector may interact with workplace relations laws and how they will be implemented. 

What should I do now? 

The changes to the Privacy Act will affect HR practitioners as custodians of employee data.  

Wright says a commonsense approach, with some practical procedures, will ensure information is handled with care and transparency. This includes: 

  • Consider how data is stored. Do you have CVs in your inbox? Is that the safest place for CVs to be kept? 
  • Lock your screen when you walk away from your computer 
  • Scan data in a safe way, use destruction bins and shredders for personal information and clean out your inbox 
  • What information are you asking third parties to provide on entrance, i.e. a book on reception that asks for names and details, and how is that being protected 

Wright says it is important that HR managers undertake a comprehensive point in time review of employee data and make adequate plans to adapt to the pending changes. 

“HR managers should prioritise employee training and awareness programs to empower staff to understand and exercise their privacy rights within the workplace, but also to keep employees informed of the changes of how personal data is stored and managed,” she says. 

“By proactively adapting to these changes, businesses can not only comply with the law, but also build trust in their employees and consumers.” 

Want advice on this or other commercial legal matters? Get in touch on (08) 9365 7560 or via [email protected]. 

A proposed overhaul of the Federal Privacy Act would represent a major shift in how organisations collect, use and manage data. We explain how this could affect you. 

data privacy

 Why is reform now required? 

Since the commencement of the Privacy Act in 1988, access to the internet has meant personal or sensitive data is now systematically collected by third parties. 

“Privacy was traditionally an individual concern, but with the rapid pace of technology, and the increased volume of sensitive and personal data held by third parties, it's become a social governance consideration,” says Cass Wright, CCIWA Director Commercial Legal. 

“We can see that breaches of privacy are corrosive for trust and public perception and social licence, and so it's obvious that regulation must keep pace with technological advancements.” 

Tagged under: