What does privacy compliance require?
Privacy compliance requires organisations to:
- tell individuals the purpose for which personal information is being collected and how the organisation can be contacted to get access to that information
- only use or disclose personal information for the purpose it was collected (or another purpose that the individual would reasonably expect)
- give individuals reasonable access to their personal information and have a process in place for dealing with any complaints
- take reasonable steps to ensure that personal information is secure
- develop a publicly available policy which outlines how the organisation deals with privacy.