If your business or organisation has a turnover greater than 3 million per year the significant changes that were made to the Australian Privacy Act on 12 March 2014 are likely to apply to your organisation. A compliance program should be implemented to ensure any personal information that is used or disclosed by the organisation is appropriately protected.

The reforms implemented 13 new Australian Privacy Principals, with substantial changes being made to the principles surrounding direct marketing and cross border disclosure of information.  Additional changes to the Act implement changes to the credit reporting regime that will be particularly relevant to insurers if they undertake online credit reference checks on insureds or other individuals.

If your business collects, uses or discloses personal information, maintains a client or customer database or uses a cloud computer system, changes to the laws that commenced on 12 March 2014 are relevant to you.

Like the US, Australia is experiencing the proliferation of mobile medical apps (software applications that can be executed on a mobile platform) which seek to provide a number of functionalities, many of which operate between traditional disease management and health and wellness. Some of these new apps assist consumers with their health and wellness management, whilst others provide healthcare providers with tools to improve and facilitate the delivery of patient care.

As part of the 2010/11 Federal budget, the Government announced a $466.7 million investment over two years for a national Personally Controlled Electronic Health Record (PCEHR) system for all Australians who choose to register on-line, from 2012-2013. This initiative has the potential to be a revolutionary step for Australian health care, in terms of both consumer's access to their own health information and improvement in information which will be available to health professionals when they treat a patient.

Australia privacy rights are regulated by Commonwealth and State legislation and the laws protecting confidential information under the common law.

Australian privacy laws govern the collection, use and disclosure of “personal information”.  Further, individuals are provided with a right of access and correction of their own personal information.  There are also data security, data quality and cross-border transborder data flow requirements.

In the 2012-13 financial year, the Compliance Branch of the Office of the Australian Information Commissioner (OAIC) received 1496 privacy complaints, and increase of 10% over the 1357 received in 2011-12. In addition, the OAIC dealt with 13 own motion investigations and 61 voluntary data breach notifications. Here is one case (misuse of a mobile phone number by a bank to direct market a bank related insurance product) that may be of interest…

The case was based on an alleged breach by the bank where it used or disclosed personal information about an individual for a purpose other than the primary purpose of collection.

From the start of the new year  there are to be more changes to the Privacy Act 1988 which could be relevant to you and your business. You will need to consider your own privacy compliance arrangements to make sure they don’t leave you at risk.

The Privacy Act changes commence in March 2014. 

If your credit application, privacy policy or terms and conditions of trade do not property take the new amendments into account, you may find yourself in danger of breaching the new Act. The changes have imposed new credit reporting provisions, and have given enforcement powers to the privacy Commissioner. 

Quite frequently business owners who have decided to enter into various arrangements for the distribution or licensing of their goods or services discover that the agreement reached is in law a “franchise agreement” and that they have unwittingly become a franchisor subject to additional regulation and obligations. If an agreement is a “franchise agreement” then there are certain legal requirements including mandatory disclosure prior to the grant of the franchise, procedures for transfer and termination and resolution of disputes.

A US Judge has found that organisations who use images posted on Twitter for commercial purposes will infringe the copyright of the owner of those photographs.

The Washington Post and Agence France – Presse had argued that once the pictures appeared on Twitter they were freely available and that Twitter’s terms of service granted it the right to use the photographs. Accordingly, they have published the photographs without permission from or payment to the professional photographer who took them.