Commissioner covers privacy switch
The Office of the Australian Information Commissioner (OAIC) has updated its guidelines in the wake of new privacy laws.
The Australian Privacy Principle (APP) guidelines have been revamped.
The OAIC says it has taken on the changes proposed in feedback from stakeholders.
The new outline is split into four chapters, clarifying some aspects of the guidance and responding to issues such as the introduction of separate privacy legislation in the Australian Capital Territory (ACT).
A large portion of the changes concern guidance to ACT public sector Agencies, which are covered by the revised ACT Information Privacy Act 2014.
The new guidelines also clarify what is meant by the term “carries on business in Australia”; an important part of the test for whether an APP entity has an Australian link.
They further detail the circumstances where an APP entity can breach the APPs by providing personal information to an overseas contractor and the information is mishandled overseas.
The rules about when the ‘international agreement’ APP exception applies have been updated, as has the guidance about 'reasonable steps' and examples for consistency with the OAIC's Guide to Securing Personal Information (2015).