APPs replace IPPs and NPPs
Currently, the Information Privacy Principles (IPPs) apply to the public sector and the National Privacy Principles (NPPs) apply to the private sector. From March 2014, a new set of privacy principles called the Australian Privacy Principles (APPs) will replace both the IPPs and the NPPs.
Of the 13 new APPs, some are significantly different from the existing principles. The OAIC gave these three examples on its privacy law reform page:
- APP 1 on the open and transparent management of personal information;
- APP 7 on the use and disclosure of personal information for direct marketing, and
- APP 8 on cross-border disclosure of personal information.
The Commissioner has more power
The Commissioner will have the ability to accept enforceable undertaking and seek civil penalties in the case of serious or repeated breaches of privacy.
Changes to credit reporting laws
There will be many changes to credit reporting laws, including the introduction of more comprehensive credit reporting.
So it is time to review, and amend as necessary, templates such as collection notices, privacy clauses and confidentiality clauses, and policies and procedures such as those relating to cross border data flow.