From 1 December 2020, the Privacy Act 2020 will come into force. There are changes between this new Act and the previous Privacy Act 1993. Agencies must follow a set of rules when handling personal information.
If you handle personal information, then you are likely to be an 'agency'. An agency is any organisation or business, which its in the public or private sector that includes government departments, companies, small businesses, social clubs and other types of organisations.
The Privacy Act has 12 information privacy principles which set out how you should handle personal information.
Principles 1 - 4 set out how you can collect personal information
Priciples 5 - 7 govern how you store personal information
Principles 6 - 12 govern how you use and disclose personal information
A person must be nominated as your Privacy Officer and they must be familiar with your privacy obligations. If your customer has questions about privacy, then they should be directed to the Privacy Officer.