In order to run a successful business there are a lot of hidden facets that require strict maintainence. Those areas that are particualrly cruial at the moment are focussed both on your staff and your customers.
Firstly, ensuring that your staff are correctly employed, and that their contracts are legal, is a much more strenuous task than in the past. There are strict requirements around award criteria, working times, overtime, complying with the NES, and Fair Work requirements, not to mention making sure your employee is adequately reimbursed and happy with their role. There are also external bodies such as unions, and WorkCover to consider, and understanding their powers particularly around right of access and requests is particularly important.
If you are not fully aware of all of the recent changes in these areas please contact us so we can help protect your business and your employees.
This is an area that will surprise many. Essentially, if you have a business that allows you to collect information on customers and that information is stored in a way that can identify individuals, then you need to be fully aware of the legal requirements around how you store and handle this information. Please read the below article for a great overview. If you have not covered this area already it is time to start now, so you can avoid significant financial penalties up to and including imprisonment if serious breaches occur.
Understanding the new privacy laws: Not business as usual
Last year I spent several weeks travelling around Australia talking to business owners and marketers about the new privacy laws coming in March 2014 and how to get ready for them. I found that some business operators didn’t think the new Privacy Amendment Act affects them and that’s concerning. The laws now apply to any businesses with an annual turnover of more than $3 million and those who collect personal information.
Businesses not on top of their customer privacy obligations could reap fines of $340,000 for individuals and up to $1.7 million for companies breaching the new laws. In addition, Privacy Commissioner Timothy Pilgrim has enhanced powers to proactively investigate companies to determine if they are handling personal information according to the new rules and issue financial penalties if they are not.
Australians want their privacy protected In the Privacy Commissioner’s 2013 survey of community attitudes towards privacy, Pilgrim noted Australians are becoming more concerned about privacy risks and they expect companies to effectively safeguard their personal information. 96 per cent of respondents said they should be informed of how their information is handled and protected, and if it is lost.
Privacy is an issue that all businesses must now take seriously, not only for the financial consequences, but the serious reputational damage that a breach can cause a company. So what are the changes you need to know? For starters, there will be a new set of 13 Australian Privacy Principles (APPs) that outlines how business operators must handle personal information of customers. The changes affect how a business can:
- Collect personal information from customers and prospects.
- Handle and process the personal information of their customers.
- Use personal information for marketing purposes.
- Disclose personal information overseas.
Communicating with customers will become more complex. Under the new law, there is a requirement to allow your customers to opt out of your marketing communications. This is not business as usual because in many instances, the opt out needs to appear in every marketing communication regardless of the channel. That’s every piece of mail, telephone call, email and social media post.
The new privacy laws take effect on March 12. Here’s what you should be doing now:
- Audit your data collection and handling practices. Know why you’re collecting customer information, where you’re collecting it and what you’re collecting. Think: what personal information do I really need from my customers?
- Familiarise yourself with ‘notification’ requirements and ensure you have processes in place to comply.
- Re-evaluate your IT security to ensure you have measures in place to prevent privacy breaches. How you store, manage and secure your data is going to be trickier to manage and if you use cloud storage services, there’s a whole new set of requirements to follow. This is really important for small businesses, which are often stretched financially on the IT front. Ensure you set up your systems properly from the start and teach your staff about the new security requirements.
- APP 8 requires a greater level of accountability from business when personal information is being transferred overseas to other parties. They need to comply with Australian standards. If there’s a breach, you could be liable for it.
Above all, transparency is the foundation on which Australian businesses will build stronger future relationships with consumers. Ensure you’re a trusted data custodian.
If you are still not sure whether the Privacy Act applies to your business, get advice from your lawyer.
Jodie Sangster is Chief Executive Officer of the Association of Data-Driven Marketing & Advertising.