{{ propApi.closeIcon }}
Our industry
Our industry $vuetify.icons.faArrowRight
Economic research and forecasting Economics Housing outlook Tailored market research Economic reports and data Inspiring Australia's building professionals HOUSING The only place to get your industry news Media releases Member alerts Submissions See all
Business support
Business support $vuetify.icons.faArrowRight
Become an apprentice host Hire an apprentice Why host a HIA apprentice? Apprentice partner program Builder and manufacturer program Industry insurance Construction legal expenses insurance Construction works insurance Home warranty insurance Tradies and tool insurance Planning and safety services Building and planning services How can HIA Safety help you? Independent site inspections Solutions for your business Contracts Online HIA Tradepass HIA SafeScan HR Docs Trusted legal support Legal advice and guidance Professional services Industrial relations
Resources & advice
Resources & advice $vuetify.icons.faArrowRight
Building it right Building codes Australian standards Getting it right on site See all Building materials and products Concrete, bricks and walls Getting products approved Use the right products for the job See all Managing your business Dealing with contracts Handling disputes Managing your employees See all Managing your safety Falls from heights Safety rules Working with silica See all Building your business Growing your business Maintaining your business See all Other subjects COVID-19 Getting approval to build Sustainable homes
Careers & learning
Careers & learning $vuetify.icons.faArrowRight
A rewarding career Become an apprentice Apprenticeships on offer Hear what our apprentices say Advice for parents and guardians Study with us Find a course Get your builder's licence Learn with HIA
HIA community
HIA community $vuetify.icons.faArrowRight
Join HIA Sign me up How do I become a member? What's in it for me? Get involved Become an award judge Join a committee Partner with us Get to know us Our members Our people Our partners Mates rates What we do Mental health program Charitable Foundation GreenSmart
Awards & events
Awards & events $vuetify.icons.faArrowRight
Awards Australian Housing Awards Awards program National Conference Industry networking Events
HIA products
HIA products $vuetify.icons.faArrowRight
Shop @ HIA Digital Australian Standards Contracts Online Shipping and delivery Purchasing terms & conditions Products Building codes and standards Hard copy contracts Guides and manuals Safety and signage See all
About Contact Newsroom
$vuetify.icons.faMapMarker Set my location Use the field below to update your location
Change location
{{propApi.text}} {{region}} Change location
{{propApi.successMessage}} {{region}} Change location

$vuetify.icons.faPhone1300 650 620

The Privacy Act and the building industry

The Privacy Act 1988 (Cth) (the Act) regulates the way individual’s personal information is handled.

Individuals have the right to:

  • know what information an organisation records about them, 
  • to correct that information if it is incorrect, and 
  • file a complaint if the organisation breaches the Act. 

Makes sure you understand your right and obligations when it comes to collecting, storing, and handling personal information.

What is the Act and what do I need to know about it? 

The Act affects dealings with clients, buildings and others where personal information is collected and/or you are privy to details of a person’s financial affairs, their names and occupations, bank records and details or tax file numbers. 

If your business is covered by the Act, you need to understand your obligations when handling personal information including ensuring the information is kept secure and not disclosed without the person’s consent.  

Who is captured under the Act? 

Businesses with an annual turnover of more than $3 million are covered. If your business does not meet the turnover threshold, you may still be covered if your business is:

  • a contractor providing services under a Commonwealth contract;
  • related to a business that the Act covered; or 
  • a business that has opted in to be covered by the Act. 

You can use the Privacy Checklist for Small Business to confirm if you are covered by the Act. 

Are there any exemptions? 

All of a business’s records relating to current and former employees are captured by the Act.  However, employers have the benefit of the employee records exemption which applies to current and former employment relationships.  The employee records exemption means that an employer’s handling of employee records will be exempt from the Australia Privacy Principles (APPs) in certain circumstances. 

When does the exemption apply?

The employee records exemption applies to:

  • current employees. 
  • former employees. 
  • an employee record held by the business relating to the individual.

It does not apply to any future employment relationships. Accordingly, if you are collecting information about a prospective employee, the APPs will still apply. Additionally, any acts outside the course of the employment relationship, such as selling a list of employees to another organisation for marketing purposes, would not fall within the scope of the exemption and the APPs must be complied with when handling that information. 

What is an employee record?

An employee record is a record of personal information relating to an employee. For example, it could be personal information relating to:

  • the terms and conditions of employment; 
  • the resignation or termination of employment; 
  • any training or disciplinary action taken with respect to the employee; 
  • the employee’s personal and emergency contact details;
  • salary and wage information;
  • performance, conduct or hours of employment details;
  • whether the employee is part of a union or other professional association;
  • the employees leave entitlements; or
  • taxation, banking, and superannuation affairs.

Does the employee records exemption apply to contractors?

No, the exemption does not cover your contractors and subcontractors. You must follow the APPs.

What businesses need to do to comply with the Act

Australian Privacy Principles

As a business covered by the Act, you must comply with the APPs Australian Privacy Principles (APPs). There are currently 13 APPs which govern standards, rights, and obligations regarding the collection, use and disclosure of personal information, right to access personal information and governance and accountability for organisations.

To find out more about the 13 APPs, refer to the APP quick reference guide.

Other obligations

In addition to the APPs, there are obligations for business who handle individual’s consumer credit information and the handling of individual’s tax file number (TFN) information.

Under the TFN rule, if you receive a TFN, you must not record, collect, use, or disclose that TFN information unless it is permitted under taxation, personal assistance, or superannuation law.

Breaches of the Privacy Laws

A breach of an APP can lead to regulatory action and penalties. Individuals may also complain if they believe a business has not complied with the Act when dealing with their personal information.

Tips for protecting customer’s personal information

To avoid breaching your obligations, members may wish to follow these tips.

  1. Collection - Only collect personal information that you need and avoid collecting personal information just because it may become necessary or useful later.
  2. Use and Disclosure - Before using and disclosing personal information, think about whether you can conduct your business without it and if not, ensure that you are using and disclosing it for the reason it was collected.
  3. Sensitive Information - Take care when handling sensitive information as this type of information has a higher level of privacy and has additional obligations.  Sensitive information is a specific set of personal information, for example, religious beliefs and affiliations, racial origin, health information or sexual orientation.
  4. Security - Keep all personal information secure to avoid any unauthorised access or disclosure.  When the information is no longer needed, you must take reasonable steps to destroy or de-identify personal information.

For further information about your privacy law obligations, members may refer to the OAIC website.

To find out more, contact HIA's Workplace Services team

Email us

Share with your network:

More articles on:

{{ tag.label }} {{ tag.label }} $vuetify.icons.faTimes
Find guides, how-tos, resources and more

Managing your business


Can’t find what you need, check out other resources that might be closer to the mark.

Explore resources