Talking of its importance, it is compulsory by law in many countries, including here in Australia. However, you only need to follow the Privacy Act 1988, in certain circumstances (although it is recommended you do, no matter if you are required to by law, or not).
These circumstances are;
If your business has an annual turnover of more than $3 million, you must comply with the Privacy Act.
If your business has an annual turnover of $3 million or less, you may still be required to comply with the Privacy Act depending on your business type and what you do within your business. For example, you will still be required to comply if you’re a:
- private sector health service provider, including complementary therapists, gyms, weight loss clinics, child care centres and private education providers
- business that sells or purchases personal information
- contractor providing services under a contract with the Australian Government
- credit provider/credit reporting body
- residential tenancy database operator
Ideally, most experts will agree that you should have one even if your organisation does not meet the criteria above.
Ensuring trust and privacy is just the beginning of this journey. Getting it done the right way is going to make things easy and smooth for you in the later stages.