Did you know that your organization must comply with the Privacy Act 1993 ?
Some organizations are unaware of their requirements under the Act, and how they must deal with, treat personal information collected in the course of their work (business).
The Privacy Act 1993 is a relatively simple piece of legislation, there are basic principles which you must comply with – these include:
Principle 1, Principle 2, Principle 3 and Principle 4 govern the collection of personal information. This includes the reasons why personal information may be collected, where it may be collected from, and how it is collected.
Principle 5 governs the way personal information is stored. It is designed to protect personal information from unauthorised use or disclosure.
Principle 6 gives individuals the right to access information about themselves.
Principle 7 gives individuals the right to correct information about themselves.
Principle 8 and Principle 9, Principle 10 and Principle 11 place restrictions on how people and organisations can use or disclose personal information. These include ensuring information is accurate and up-to-date, and that it isn’t improperly disclosed.
Principle 12 governs how “unique identifiers” – such as IRD numbers, bank client numbers, driver’s licence and passport numbers – can be used.
If you’re not sure about the Privacy Act and your organization – take a look at:
If you still have doubts, questions or concerns contact the Office of The Privacy Commissioner – they are able to offer some training through workshops for those needing more in-depth knowledge/understanding of the Act and it’s implications, your responsibilities etc.
Also – check Keeping It Legal – a great resource for legislation and other matters that may affect community and voluntary organizations.
Source: Image and quotes from Office of The Privacy Commissioner