The 2016 Census was meant to be to a seminal moment in our history. For the first time, a snapshot of our society was to occur online.
However, instead of the excitement of something new, and kudos to the government for implementing a new system said to save taxpayers around $100 million, all of the publicity related to our concerns about privacy. We wanted to know how the information we had willingly provided in years past was going to be used, accessed and stored. If anything, the 2016 Census showed how much people value their privacy and how any transaction online sets off alarm bells.
Privacy may not be a particularly interesting topic of conversation, but you can bet your bottom line that your customers are concerned about their personal information and what you are doing with it. If there is even a perception that you will not respect their privacy, they will vote with their feet.
Personal information is any detail about a person that allows that person to be identified – their name, address, date of birth, bank account details, medical records, photographs and even information about their shopping habits and where they work may be included. Much of this information is routinely collected by businesses. If your business collects personal information there are strict requirements about how you use it and store it. If you misuse this material, you are likely to lose customers and business partners. You may also risk a fine.
When you are collecting information, you should state what the information is used for and refer customers to your privacy policy. Consider if you actually need the information – “because it might be useful later on” is not a good enough reason to request it. A clear privacy policy will provide reassurance to your customers that you respect their privacy. If you collect any type of financial information from customers they will expect it to remain private, in fact, they are entitled to have it protected from disclosure.
Next, consider how you store personal information. Have sophisticated passwords for your server, a firewall and don’t leave physical copies of information physically lying around where others can see it. You need a process in place to manage the information. If you have staff members, you will need to let them know about the process. The process is an important tool to protect your business from fines, complaints and a loss of customers so it is worth getting the process right from the start.
If you will share the information with a third party, you must state this in your privacy policy.
A business with an annual turnover of more than $3,000,000.00 must comply with the Privacy Act. If your business has less turnover, it is still a good idea to demonstrate to your customers that you value their personal information, it’s great PR. If your business provides health services you must comply with the Privacy Act and the Heath Records Information Act, irrespective of your annual turnover. If you have any contracts or funding from the government, you are likely to have to comply with any privacy policies of that agency as part of your agreement.