Important mandatory requirement information

Although there is not one clear definition, privacy can be viewed as the ability for an individual to maintain a level of control over their personal information.

Why must I?

Australian Government agencies must comply with the Privacy Act 1988, particularly the Information Privacy Principles. The Information Privacy Principles (IPP) deal with all stages of the processing of personal information – setting out standards for the collection, use, disclosure, quality and security of personal information.

What must I do?

The Guidelines for Federal and ACT Government Websites provide four guidelines with which agency websites must comply. These are summarised as:

Openness
Guideline 1. Agency websites should incorporate a prominently displayed Privacy Statement which states what personal information is collected, for what purpose and how this information is used, if it is disclosed and to whom and addresses any other relevant privacy issues.

Collection of Personal Information via Websites
Guideline 2. Agencies that solicit or collect personal information via their websites must comply with IPPs 1-3. Agency website privacy statements should include a statement regarding this collection which complies with IPP 2. Where an online form is used to collect personal information the statement should be on the same page as the form or prominently linked to it.

Security
Guideline 3. If personal information is collected via an agency website this should be done by sufficiently secure means. Individuals should be provided with alternative means of providing personal information to the agency, other than via the website. The Privacy statement should address security issues where appropriate.

Publication
Guideline 4. Where agencies are considering the publication of personal information regarding individuals on the web they should be sure that this complies with IPPs 1-3 and 10 and 11.

How do I?

To ensure that agency-run websites and other online services are compliant with the Privacy Act and Information Privacy Principles, the Guidelines for Federal and ACT Government Websites are available to assist agencies to adopt good privacy practice in respect of their websites.

Government FAQs provides answers to questions frequently asked on privacy issues to the Office of the Australian Information Commissioner (OAIC).

Agencies should consider conducting a Privacy Impact Assessment (PIA) during development. Further information is available in the PIA Guide (PDF 1.19MB)  from the OAIC.

Subjects:

• privacy
• personal information