Enter your email and password to access secured content, members only resources and discount prices.
Did you become a member online? If not, you will need to activate your account to login.
If you are having problems logging in, please call HIA helpdesk on 1300 650 620 during business hours.
Enables quick and easy registration for future events or learning and grants access to expert advice and valuable resources.
Enter your details below and create a login
Individuals have the right to:
Makes sure you understand your right and obligations when it comes to collecting, storing, and handling personal information.
The Act affects dealings with clients, buildings and others where personal information is collected and/or you are privy to details of a person’s financial affairs, their names and occupations, bank records and details or tax file numbers.
If your business is covered by the Act, you need to understand your obligations when handling personal information including ensuring the information is kept secure and not disclosed without the person’s consent.
Businesses with an annual turnover of more than $3 million are covered. If your business does not meet the turnover threshold, you may still be covered if your business is:
You can use the Privacy Checklist for Small Business to confirm if you are covered by the Act.
All of a business’s records relating to current and former employees are captured by the Act. However, employers have the benefit of the employee records exemption which applies to current and former employment relationships. The employee records exemption means that an employer’s handling of employee records will be exempt from the Australia Privacy Principles (APPs) in certain circumstances.
The employee records exemption applies to:
It does not apply to any future employment relationships. Accordingly, if you are collecting information about a prospective employee, the APPs will still apply. Additionally, any acts outside the course of the employment relationship, such as selling a list of employees to another organisation for marketing purposes, would not fall within the scope of the exemption and the APPs must be complied with when handling that information.
An employee record is a record of personal information relating to an employee. For example, it could be personal information relating to:
No, the exemption does not cover your contractors and subcontractors. You must follow the APPs.
As a business covered by the Act, you must comply with the APPs Australian Privacy Principles (APPs). There are currently 13 APPs which govern standards, rights, and obligations regarding the collection, use and disclosure of personal information, right to access personal information and governance and accountability for organisations.
To find out more about the 13 APPs, refer to the APP quick reference guide.
In addition to the APPs, there are obligations for business who handle individual’s consumer credit information and the handling of individual’s tax file number (TFN) information.
Under the TFN rule, if you receive a TFN, you must not record, collect, use, or disclose that TFN information unless it is permitted under taxation, personal assistance, or superannuation law.
A breach of an APP can lead to regulatory action and penalties. Individuals may also complain if they believe a business has not complied with the Act when dealing with their personal information.
To avoid breaching your obligations, members may wish to follow these tips.
For further information about your privacy law obligations, members may refer to the OAIC website.