ARTICLE
11 May 2023

Privacy Awareness Week Part V–Return Of The Privacy Policy

KG
K&L Gates

Contributor

K&L Gates logo
At K&L Gates, we foster an inclusive and collaborative environment across our fully integrated global platform that enables us to diligently combine the knowledge and expertise of our lawyers and policy professionals to create teams that provide exceptional client solutions. With offices spanning across five continents, we represent leading global corporations in every major industry, capital markets participants, and ambitious middle-market and emerging growth companies. Our lawyers also serve public sector entities, educational institutions, philanthropic organizations, and individuals. We are leaders in legal issues related to industries critical to the economies of both the developed and developing worlds—including technology, manufacturing, financial services, health care, energy, and more.
Explore
You've reached the end of a long week, riddled with proselytising about the importance of being privacy aware and privacy prepared.
Australia Privacy
Person photo placeholder
Person photo placeholder
Photo of Stephanie Mayhew
Photo of Dadar Ahmadi-Pirshahid
Authors
To print this article, all you need is to be registered or login on Mondaq.com.

You've reached the end of a long week, riddled with proselytising about the importance of being privacy aware and privacy prepared. You get it! You lay your head to a well-earned rest...and like Kate McCallister wake screaming "Privacy Policy"! In true "back-to-basics" fashion, the privacy policy is getting a reboot!

If this is your first rodeo, a great starting point is to consider what information your organisation collects and how your organisation uses that information as the core aim is to educate users and providers on your organisation's handling of personal information. In addition to that, some hot tips from our combined experience of having reviewed what feels like more privacy policies than there are episodes of The Bold & The Beautiful include:

  • a privacy policy should be 'user friendly' – 'test it' by reading it from the perspective of someone engaging the organisation's services;
  • the reader should be able to understand your business' functions, activities and procedures for handling personal information; and
  • focus on what is important to readers and provide information in layers so that you can be succinct while ultimately being as specific as possible.

If you too have a PhD in privacy policies, don't rest on your elbow patches yet! Reforms to the Privacy Act proposed by the Attorney-General's department propose to introduce standardised terminology and iconography, re-emphasise the requirement that privacy policies be clear and understandable, and additionally require that privacy policies include:

  • the rights of the individual (proposed to be expanded) and your organisation's procedures for responding to an individual's request to exercise their rights;
  • the types of personal information that will be used in substantially automated decisions which have a legal or similarly significant effect on an individual's rights; and
  • maximum and minimum personal information retention periods that must be reviewed periodically.

Now you have our permission to rest!

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Person photo placeholder
Cameron Abbott
Person photo placeholder
Rob Pulham
Photo of Stephanie Mayhew
Stephanie Mayhew
Photo of Dadar Ahmadi-Pirshahid
Dadar Ahmadi-Pirshahid
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More