- How the organisation collects the personal information of their client. For example, is it collected by emails, online forms, online or in person quotes or competitions?
- How the personal information is used once given to them by the client. For example, do they telephone or email the client regarding new promotions, competitions or do they send information out to a third party?
- When disclosure of personal information will occur. For example, to a credit reporting agency if you default on a loan or not make a payment as requested.
- How a person can access their own personal information held by an organisation. For example a patient in a private hospital wanting to access their personal health information. It also needs to let the client know how they can restrict the collection and use of their personal information.
- Information regarding how the organisation will endeavour to keep their client’s personal information safe and secure.
- How the client can report a breach of the privacy principles by the organisation.
- Australian government agencies.
- Private sectors and not for profit organisations with a profit turnover of over $3 million.
- Private health service providers;
- Some small business entities called ‘APP entities’.