Legal123.com.au

Do You Run One of These ‘Privacy High Risk’ Businesses?

image of privacy awareness week partnerLegal123 is highlighting Online Privacy this week – because it’s Privacy Awareness Week (#2015PAW). And in this article we want to talk about the 2 types of businesses that are “higher risk” and need to meet stricter Privacy requirements. You might be one of these businesses and not realize it! So read on.

Do you have a health-related business?

If you run a business that is involved in “assessing, recording, maintaining or improving a person’s health” then, under Privacy Law, you fall into the ‘Special Health Privacy’ category. This is quite a broad description but typically covers business that offer, for example:

  • Health advice, including alternative therapies
  • Massage, yoga and meditation
  • Fitness, exercise and personal training, etc.

If you offer these types of services, you likely collect health, medical and other sensitive information in order to deliver your services. And Privacy Law requires that you comply with stricter Privacy standards.

You need to do these 5 things in your business:

  1. Have a Privacy Policy and Privacy Compliance System in place
  2. Only collect personal information you require to deliver your services
  3. Only use the personal information for the purpose you have agreed
  4. Destroy the personal information when you no longer need or use it
  5. Ensure you have a regular system for securely destroying information you have not used in a “reasonable” amount of time (you cannot keep it ‘just in case’)

Do you buy, sell or trade customer information?

For example, do you buy, sell or trade customer email lists? If you do, then you are ‘dealing in’ personal data. And Privacy Law also requires that you comply with stricter Privacy standards.

You need to do these 3 things in your business:

  1. Ensure you have ‘active agreement’ (opt-in) by your customers to use their personal information
  2. Have very clear language that details how you use their personal data (e.g. provide to 3rd parties for marketing related services)
  3. Ensure the customer has a clear understanding of who and where you are providing their personal data

If you need help reviewing your company’s Online Privacy requirements or writing a more comprehensive Privacy Policy, just get in touch here.

Get 50% off our Privacy Policy template

Still not got a Privacy Policy on your website? Whoops. Quickly, get one posted. And to help you, there’s a 50% discount on the Legal123 Privacy Policy template for this week only.

Just sign up to our blog (“Online Business Advice with a Legal Twist”) in the sidebar on your right and you’ll be sent a 50% discount coupon that’s good during Privacy Awareness Week.

About Vanessa Emilio

Vanessa Emilio (BA Hons, LLB, ACIS, AGIA) is the Founder and CEO of Legal123.com.au and Practice Director of Legal123 Pty Ltd. Vanessa is a qualified Australian lawyer with more than 20 years experience in corporate, banking and trust law. Email Vanessa at vanessa@legal123.com.au.