The following is an extract of the key principles as found in the Australian Privacy Act
(see http://www.privacy.gov.au/law/act)
A number of the recommended guidelines as stated in this document are extrapolated from these principles. It is recommended that organisations become fully acquainted with all the principles.
Principle 1
Manner and purpose of collection of personal information.
.Personal information shall not be collected by a collector for inclusion in a record or in a generally available publication unless:
(a)the information is collected for a purpose that is a lawful purpose directly related to a function or activity of the collector; and
(b) the collection of the information is necessary for or directly related to that purpose.
Principle 3
Solicitation of personal information generally.
(d) the collection of the information does not intrude to an unreasonable extent upon the personal affairs of the individual concerned.
Principle 4
Storage and security of personal information.
A record-keeper who has possession or control of a record that contains personal information shall ensure:
(a) that the record is protected, by such security safeguards as it is reasonable in the circumstances to take, against loss, against unauthorised access, use, modification or disclosure, and against other misuse;
Principle 5
Information relating to records kept by record-keeper.
(e) the persons who are entitled to have access to personal information contained in the records and the conditions under which they are entitled to have that access;
Principle 9
Personal information to be used only for relevant purposes.
A record-keeper who has possession or control of a record that contains personal information shall not use the information except for a purpose to which the information is relevant.
Principle 10
Limits on use of personal information.
1. A record-keeper who has possession or control of a record that contains personal information that was obtained for a particular purpose shall not use the information for any other purpose unless:
(a) the individual concerned has consented to use of the information for that other purpose;
Principle 11
Limits on disclosure of personal information.
1. A record-keeper who has possession or control of a record that contains personal information shall not disclose the information to a person, body or agency (other than the individual concerned) unless:
(b) the individual concerned has consented to the disclosure;
(d) the disclosure is required or authorised by or under law