Employment Law

Return to Employment Law Publications

Have you ever wondered what rights your employer has to collect, store and utilise information about you?

There are ten national privacy principles which form part of the Privacy Act 1988 (Cth) (“the Act”) and these principles aim to ensure that the information organisations hold about you is held responsibly.


The national privacy principles apply to those people who work in the private sector. These privacy provisions, however, do not apply to all organisations. Organisations are only bound by the national privacy principles if they have an annual turnover of more than 3 million dollars. There are some exceptions to this rule, such as, if the organisation is affiliated with another business that has an annual turnover of more than 3 million dollars, or if it is a health service provider in the private sector.


There are some instances where an industry will have its own privacy code that is applicable only to that industry. If this situation occurs, the industry is bound by that privacy code and the national privacy principles do not apply.


When we refer to your right to privacy, we are talking about privacy over your personal information. So what is personal information? The Act says that personal information is information or an opinion, whether true or not true, about an individual whose identity is apparent from that information or opinion.


The 10 national privacy principles that regulate how private sector organisations manage personal information, include guidelines on collection, use and disclosure, information quality and security, openness, access and correction, use of identifiers already adopted by a Government Department, anonymity, transborder data flows and sensitive information.


If an organisation is bound by the national privacy principles, you should be told of your right to privacy.

For example, you should be told:-


-      If the information is required for a legal purpose or is voluntary.

-      That the organisation can only collect information about you if it is for one of its primary purposes or activities.

-      That you have the right to access your information to have it corrected and ensure it is up to date.

-      How the organisation will manage your personal information and how you can access it.

-      If you have the option of not identifying yourself when entering into a transaction or arrangement.

-      That the organisation cannot use the same identifier for you that is used by another agency, or an agent of an agency, or a contracted service provider.

-      That the organisation cannot collect sensitive information about you unless you consent, unless the collection is required by law, unless it is necessary to protect your safety, or unless it is necessary for a legal purpose.

-      That the organisation cannot use or disclose personal information about you for a purpose other than the primary purpose unless a secondary purpose is related to the primary purpose, or you consent, or you would reasonably expect the organisation to disclose the information.

-      How the organisation will protect your personal information against misuse, loss or unauthorised access.


If you have any questions or concerns about how your employer is collecting, storing and using your personal information, please contact our office. We can advise you on the obligations of your employer under the relevant privacy legislation and guidelines, and the implications for you. In certain cases, we may also be able to approach the Office of the Australian Information Commissioner on your behalf. Alternatively, if you are an employer we would be happy to provide you with advice on your obligations and can draft an appropriate privacy policy for your workplace.

Related articles:

- Ensuring Safety At Work

- Resolving Your Dispute At A Mediation

Sydney: 02 8297 5900 Newcastle: 02 4929 9333  

Submit your enquiry via the form below and we will reply
within the next business day.

*Required fields

Your privacy is important to us. Any information that you give to us remains confidential and will not be shared.