The Australian Privacy Commissioner has released a new resource helping small businesses identify whether or not they need to comply with the Australian Privacy Principles in the Privacy Act 1988 (Cth).
In particular, if your small business has a turnover of more than $3 million per annum, you hold health records, you provide credit reporting services or telecommunications information, you are registered as an agent under the Fair Work Act or hold a residential tenancies database, then you must comply with the Australian Privacy Principles. You may be required to comply in some other circumstances as well.
The Australian Privacy Principles are intended to reflect best practice for management of personal information and businesses are invited to comply even if they are not required to do so to ensure that personal information is handled appropriately.
The resource can be found at http://www.oaic.gov.au/privacy/privacy- resources/privacy-business-resources/privacy-business-resource-10