| National Privacy Principles |
 |
| In 2001, the Australian Federal government introduced the National
Privacy Principles. These are a set of guidelines to help Australians,
as individuals and corporate identities, conduct their business in
accordance with the Privacy Act. There are ten National Privacy Principles
(or NPPs); a brief summary of these is shown below: |
| 1. Collection of Personal Information Must be
Fair, Lawful and Not Intrusive |
| An organisation must only collect personal information that's necessary
for one or more of its legitimate functions or activities (the primary
purpose). |
| Use and Disclosure |
| As a general rule, an organisation should only use or disclose
personal information for the purpose for which it was collected. |
| Data Quality |
| An organisation MUST take reasonable steps to ensure that the personal
information it collects is ACCURATE, COMPLETE & UP TO DATE |
| Data Security |
| An organisation must take reasonable steps to protect the personal
information it holds from misuse, loss and unauthorised access, modification
and disclosure. It must destroy personal information - or make it
impossible to identify the person it relates to - if it is no longer
needed for any purpose, in accordance with NPP 2. |
| Openness |
| Organisations must prepare clearly expressed policies on the management
of personal information, which must be available on request. This
may be a general statement saying that the organisation abides by
the NPPs or an approved privacy code and mentioning any applicable
exemptions. It should also briefly state the type of personal information
held, the broad purposes for which it is used, and how an individual
can access personal information or lodge a complaint. |
| Accesses and Correction |
| As a general rule, an organisation must, upon request, give the
individual access to any personal information held about them. |
| Identifiers |
| An organisation must not adopt an identifier (a number used by
a government agency, its agents or contractors; for example, a Medicare
number), to identify an individual, nor should it disclose an identifier
assigned by a government agency. |
| Anonymity |
Wherever it is lawful and practicable, individuals must have
the option of not identifying themselves when entering transactions. |
| Trans-border Data Flow |
| An organisation in Australia must take steps to protect an individual's
privacy if personal information is sent outside Australia. |
| Sensitive Information |
Generally, an organisation is not allowed to collect sensitive
information from an individual unless the individual has consented;
the collection is required by law; the information is required to
establish or defend a legal or equitable claim; or the individual
is incapable of consenting and the information is needed because
of a serious and imminent threat to the life or health of the individual.
Naturally, ATS complies with all of these NPPs. If you would like
more information about this, please contact us and ask for details.
For more information about the National Privacy Principles, visit
http://www.privacy.gov.au |
| Charges |
| Rates upon application |
