Best Practice Guide Workplace privacy



Similar documents
Best Practice Guide Consultation & cooperation in the workplace

Police Financial Services Limited Copyright exists in this document Privacy Policy 1

Hume Bank Limited Privacy Policy

Best Practice Guide Gender pay equity

The kinds of personal information we collect and hold vary depending on the services we are providing, but generally can include:

Best Practice Guide Improving workplace

Best Practice Guide Use of individual. flexibility arrangements. Working at best practice

Best Practice Guide Effective dispute resolution

QUEENSLAND COUNTRY HEALTH FUND. privacy policy. Queensland Country Health Fund Ltd ABN better health cover shouldn t hurt

Next Business Telecom is also subject to other laws relating to the protection of personal information.

BLUE BADGE INSURANCE PTY LTD BLUE BADGE COMMUNITY AUSTRALIA PTY LTD PRIVACY POLICY

How To Understand The Privacy Policy Of Racing Internet Services

PRIVACY AND CREDIT REPORTING POLICY

Ausgrid Privacy Policy

ANZ Privacy Policy PROTECTING YOUR PRIVACY 07.15

Privacy Policy. Approved by: College Board, 01/12/2005 Principal from 14/02/2014

CUA Group APP Privacy & Credit information Policy

International. and when. technology. responsibly. and provide handled. including, in. Australia, in may rely on. (b) steps to notify collected.

Alta Investment Management Financial Services Guide

PRIVACY POLICY Personal information and sensitive information Information we request from you

Data Security and Extranet

Daltrak Building Services Pty Ltd ABN: Privacy Policy Manual

Privacy and Health Record Resource Handbook. For Medical Practitioners in the Private Sector

The Privacy Act 1988 contains 10 National Privacy Principles (the NPPs) which specify how organisations should handle personal information.

Water brokers and exchanges your fair trading obligations

PRIVACY POLICY. comply with the Australian Privacy Principles ("APPs"); ensure that we manage your personal information openly and transparently;

DESTINATION MELBOURNE PRIVACY POLICY

CBHS HEALTH FUND LIMITED PRIVACY POLICY

NATIONAL COMPLIANCE AND ENFORCEMENT POLICY

communications between us and your financial, legal or other adviser, or your broker or agent;

Privacy Policy. 30 January 2015

Why does Smart Business Telecom Pty. Ltd. collect personal information?

SURVEILLANCE AND PRIVACY

Disclosure is the action of making new or secret information known.

1.4 For information about our management of your other personal information, please see our Privacy Policy available at

Respecting your privacy

RAMS Privacy Policy. When you trust us with your personal information, you expect us to protect it and keep it safe.

Guidelines for the application of advertised Religious Education Coordinator position

Zinc Recruitment Pty Ltd Privacy Policy

We are committed to keeping your information safe. We use appropriate security measures and technology to protect your personal information.

Human Resources and Data Protection

Catalyst Consulting & Events (CCE) takes seriously its commitment to preserve the privacy of the personal information that we collect.

I loved reading the terms & conditions! said no one, ever. term deposit terms + conditions

Direct Recruitment Privacy Policy

Westpac Privacy Policy. Our privacy commitment to you

PRIVACY POLICY NEXT BUSINESS ENERGY PTY LIMITED ABN

Privacy Charter. Protecting Your Privacy

ROYAL AUSTRALASIAN COLLEGE OF SURGEONS

Term Deposit Accounts for QCU Simple Super

3 What Personal Information do we collect and why do we need it?

Home Indemnity Insurance - Western Australia Policy Wording

Personal Data Act (1998:204);

Mercedes-Benz Financial Services. Privacy Statement

OSHC Extras. Overseas Student Health Cover. Policy Document. Effective 1 April 2015

privacy and credit reporting policy.

Entrepreneurs Programme - Business Evaluation. Version: 3

MarketPlace Leichhardt VIP Cashback Card and Loyalty Program Terms and Conditions Issued 5 December 2013

Equal Opportunity, Discrimination and Harassment

Office of the Data Protection Commissioner of The Bahamas. Data Protection (Privacy of Personal Information) Act, A Guide for Data Controllers

Small business guide to trade practices compliance programs. April 2006

Terms of Business for Registered Support Providers

Employee Data Privacy A Regional Overview

Policy Statement on. Associations. Eligibility to apply for a Scheme under Professional Standards Legislation May 2014

ATMD Bird & Bird. Singapore Personal Data Protection Policy

Identity Cards Act 2006

Whistleblowing. Some Relevant Considerations

Privacy Policy First National Real Estate Cremorne ACN

Data Compliance. And. Your Obligations

PROFESSIONAL INDEMNITY CLAIM FORM

Financial Services Guide part one

Building Indemnity Insurance - South Australia Policy Wording

WHAT KIND OF PERSONAL INFORMATION DOES NINE COLLECT AND HOW DOES NINE COLLECT IT?

Fact sheet: Duties of directors of a company limited by guarantee

Privacy fact sheet 17

Personal information is information or an opinion about an identified individual, or an individual who is reasonably identifiable:

Transcription:

Best Practice Guide Workplace privacy 01 Work & family 02 Consultation & cooperation in the workplace 03 Use of individual flexibility arrangements 04 A guide for young workers 05 An employer s guide to employing young workers 06 Gender pay equity 07 Small business & the Fair Work Act 08 Workplace privacy 09 Managing underperformance 10 Effective dispute resolution 11 Improving workplace productivity in bargaining 12 Parental leave Working at best practice Employers should implement best practice when it comes to maintaining privacy in the workplace. It is important for employers, employees and their representatives to know what information may be collected and retained by employers and whether it can be passed on to others. Best practice creates certainty and security for both employers and employees. There is also a checklist to assist with achieving best practice on workplace privacy. This guide illustrates best practice when it comes to workplace privacy. For more specific information regarding your minimum legal obligations and entitlements, contact the organisations listed under the For more information section at the end of this guide. This Best Practice Guide explains: what is privacy what is workplace privacy general privacy principles obligations when information is provided to third parties, particularly when given under the Fair Work Act 2009 (FW Act) privacy in relation to email and the internet. Fair Work Ombudsman 1

Best Practice Guide Workplace privacy What is privacy? Privacy is the word we give to being able to keep certain information to ourselves and to control what happens to our personal information. It also refers to being able to do things without interference by others. Privacy issues can arise in all aspects of life. Commonwealth privacy laws regulate the collection and handling of personal information through minimum privacy standards. These are known as the Australian Privacy Principles (APPs). The APPs apply to all private sector businesses with an annual turnover of more than $3 million, all private health service providers nationally, a limited range of small businesses and all Australian government agencies. Although some small businesses are not required to abide by Commonwealth privacy laws, all businesses should aim to comply with the privacy principles as a matter of best practice. For specific information about APPs visit the website of the Office of the Australian Information Commissioner at www.oaic.gov.au. What is personal information? Personal information is information that identifies a person. There are some obvious examples of personal information such as a person s name or address. Personal information can also include photos, credit history information, bank account details and even information about what a person likes, their opinions and where they work - basically any information where the person is reasonably identifiable. Personal information can be sensitive in nature such as information about a person s race, ethnicity, political opinions, membership of political associations, membership of professional associations and trade unions, religious or philosophical beliefs, sexual preferences, health and genetic information or criminal records. The APPs provide higher privacy standards when organisations are handling an individual s sensitive information. Best practice employers apply the same higher standards even where they are not covered by the Privacy Act 1988 (Cth) to ensure that sensitive personal information is handled appropriately. What is workplace privacy? Employers will have access to personal information about employees. This information may be sensitive and employees may wish to keep this information private. This means that employers will need to think about the way in which they collect, use and disclose information they obtain from employees. In many cases, Commonwealth privacy laws will not apply when it comes to employee records. Commonwealth privacy laws only apply to employee personal information if the information is used for something that is not directly related to the employment relationship between the employer and the employee. Nonetheless, best practice employers think carefully about any personal information that they have about their employees and treat that information in accordance with the privacy standards set out in the APPs. It is good privacy practice for employers to tell employees when they collect their personal information. In doing so, the employer could tell the employee why they are collecting the information and who the employer might pass that information on to. Best practice employers allow employees to access personal information about themselves which is held by their employer. Employees should also be able to have that information corrected or verified if it is incorrect, out of date or incomplete. General privacy principles The Office of the Australian Information Privacy Commissioner s website contains further information on good practice for organisations dealing with employees personal information. The guides deal with: limiting the collection of information providing notice to individuals about the potential collection, use and disclosure of personal information disclosing personal information keeping personal information accurate, complete and up-to-date keeping personal information secure 2 providing access to personal information.

When can you give information to third parties? Best practice employers understand that creating trusting relationships with employees is integral to achieving a happy and productive workplace. Best practice employers follow the APPs when providing information about their employees to third parties. In line with the APPs, for example, an employer should not sell a list of its employees to another organisation for marketing purposes. In limited circumstances, however, an employer may disclose employee records to a third party. Information requested by a Fair Work Inspector A Fair Work Inspector can request information about employees in order to establish that the business is meeting its employment obligations. Under the FW Act, employers are required to provide this information to a Fair Work Inspector. Information requested by other government agencies Some government agencies, such as the Australian Tax Office, have powers to request information from employers. Employers should satisfy themselves that the agency requesting the information has the power to do so. You may wish to ask the agency what law allows them to make a request for the information. When required by law, employers should provide the requested information to the appropriate government agencies. Information requested by a permit holder There may be occasions where a permit holder (generally a union official) will wish to enter an employer s premises to investigate a suspected contravention of the FW Act or an industrial instrument such as a modern award or enterprise agreement. While on the premises, the permit holder may also ask to inspect or copy documents. In these circumstances, the FW Act: allows a permit holder to inspect or copy documents which are directly relevant to the suspected contravention allows a permit holder to inspect or copy the documents of members of the organisation the permit holder is from allows a permit holder to inspect or copy the documents of non-members where consent has been obtained from the specific non-members or an order for access has been obtained from the Fair Work Commission exempts an employer from allowing the permit holder to inspect or copy documents if doing so would contravene a Commonwealth law (including he Commonwealth privacy laws) or a state or territory law. The FW Act also imposes certain privacy obligations on a permit holder (and the organisation they are from) in relation to information obtained from the exercise of a right of entry. Subject to limited exceptions, a permit holder and the organisation must not use or disclose personal information obtained in these circumstances for a purpose other than to investigate or remedy a suspected contravention. A permit holder or organisation found to have breached these obligations can be liable for significant penalties and may have their permit revoked. Information collected from a protected action ballot Protected action ballots will generally be conducted by the Australian Electoral Commission (AEC). Under the FW Act, however, the Fair Work Commission may decide that a person other than the AEC is to be the protected action ballot agent or independent adviser for a protected action ballot. In this situation, the non-aec ballot agent or independent adviser must not disclose information that would identify an employee as a member or non-member of a union. Disclosure of such information may be subject to a civil penalty under the FW Act. It may also be the subject of the Commonwealth privacy laws and a complaint to the Office of the Australian Information Commissioner. Fair Work Ombudsman 3

Best Practice Guide Workplace privacy Information for references Sometimes employers are approached to provide employment references about former or current employees. Providing information that relates directly to the employment relationship between an employer and employee is not a breach of Commonwealth privacy laws. Information that directly relates to the employment relationship can include things such as the employee s skills, performance, conduct, and their terms of employment. In general, best practice employers consider whether to disclose personal information about an employee without their consent. If an individual applying for a job has asked a former employer to act as a referee, the former employer can assume, when contacted for a reference, that they have the individual s implied consent to disclose relevant information about them. However, if the former employer has not been asked by the individual to be a referee and is contacted for a reference, generally the former employer should seek the consent of the individual before disclosing information about them. Best practice employers also consider what information is appropriate to provide in a reference. In some circumstances, it may not be good practice to disclose personal information about, for example, an employee s medical history. The Office of the Australian Information Commissioner can provide more information on this matter. What about email and the internet? Employee and employer use of internet and email can raise issues about workplace privacy. Password access and login codes may give employees the impression that their email and web browsing activities during work hours are private. Employees may not be aware that these activities can be scrutinised by their employer. Clear workplace policies can help to ensure that both employees and employers understand the expectations and responsibilities that apply to email and internet use. The preparation of a best practice internet and email usage policy can include: consulting with employees about the policy during the policy s development. This will help the employer to understand the types of legitimate activities for which staff are using email and web browsing. A consultative process can also increase employees awareness of the possible risks to the business associated with improper email and internet use developing and communicating to the employees a policy which outlines the obligations and responsibilities of employees and the employer in relation to use of electronic communication mediums. A best practice policy will: outline what personal use of email both within the organisation and externally, is appropriate refer to any relevant legislation regarding use and access explain clearly what is appropriate use of email and internet at work outline types of use that are prohibited outline what information is logged and who in the organisation has rights to access the logs and content of staff email and browsing activities set out in plain English how the business intends to monitor or audit employee compliance with its rules relating to acceptable usage of email and web browsing outline potential consequences for misuse of email or web browsing. reviewing the policy with employees on a regular basis. This will help the policy to keep up with the development of the internet and information technology. The policy should be re-issued to all employees whenever significant change is made so they are aware of any change and to reinforce the organisational message. 4

Similar issues (and best practice responses) may arise from the use of company-provided mobile phones and other electronic devices when accessed for personal use. What about other legal requirements? Some states and territories have their own laws that may relate to workplace privacy or workplace surveillance. See the For more information section at the end of this guide to find out where to learn more. Checklist for best practice on workplace privacy Is there a policy and practice on how employee personal information is collected and handled? If so, how is the policy and practice communicated to staff and how are people made aware of it? How is it made available to employees? Does the business only collect and retain information about employees that is necessary? Is personal information held by the business complete and up-to-date? Does the business retain personal information in a secure way? When providing information to a third party, has the business ensured that it has complied with its own privacy obligations? For example, if information is being provided to meet a lawful request, has the business only provided information that is necessary to comply with that request? Does the business have policies in place about use of electronic equipment which sets out appropriate personal and business use and which makes clear how the business monitors employee use of electronic equipment? Fair Work Ombudsman 5

For more information Office of the Australian Information Commissioner 1300 363 992 www.oaic.gov.au Fair Work Ombudsman 13 13 94 www.fairwork.gov.au Fair Work Commission 1300 799 675 www.fwc.gov.au State Bodies Australian Capital Territory Human Rights Commission (02) 6205 2222 www.hrc.act.gov.au Office of the Information Commissioner Northern Territory (08) 8999 1500 www.infocomm.nt.gov.au Office of the Information Commissioner Queensland (07) 3234 7373 www.oic.qld.gov.au Ombudsman Tasmania 1800 001 170 www.ombudsman.tas.gov.au Privacy Committee of South Australia (08) 8204 8786 www.archives.sa.gov.au /privacy/comittee.html Privacy NSW (02) 8688 8585 www.lawlink.nsw.gov.au /privacynsw Privacy Victoria 1300 666 444 www.privacy.vic.gov.au Western Australian Department of Labour Relations 1300 655 266 www.docep.wa.gov.au/ LabourRelations Acronyms used in this guide AEC Australian Electoral Commission FW Act Fair Work Act 2009 APP Australian Privacy Principles Disclaimer The Fair Work Ombudsman is committed to providing you with advice that you can rely on. The information contained in this Best Practice Guide is general in nature. If you are unsure about how it applies to your situation you can call our Infoline on 13 13 94 or speak with a union, industry association or a workplace relations professional. Produced May 2014. FWOBPG8a.03. Commonwealth of Australia 2014 Fair Work Ombudsman 13 13 94 www.fairwork.gov.au

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information