All images are of AAR staff and partners
Allens Arthur Robinson
Privacy homeOverviewNPPs & codesComplyingLegislation & linksIndustriesNews
Home »  Overview »  
Print Version
Or use advanced search
Introduction
Who, what & when
International data flow
Sensitive information
Chronology
Spam
Tort of invasion of privacy
 Feedback
 Contacts
 Glossary


Sensitive information

Introduction

Sensitive information has additional protection under the Act under NPP 10, which says that generally, an organisation is not allowed to collect sensitive information from an individual unless:

  • the individual has consented; 
  • collection is required or authorised by law; 
  • the information is required to establish or defend a legal or equitable claim; or 
  • the individual is incapable of consenting and the information is needed because of a serious and imminent threat to the life or health of the individual. 

This covers personal information such as an individual's:

  • race or ethnic origin; 
  • political opinions, membership of a political association; 
  • religious beliefs or affiliations; 
  • philosophical beliefs; 
  • membership of a professional or trade association or membership of a trade union; 
  • sexual preferences and practices; 
  • criminal record; or 
  • health information. 
To toptop of page

Health information

Health information is generally considered to be amongst the most sensitive and intimate personal information and it has even more stringent protection under NPP 10.

It includes personal information or an opinion about:

  • the health or disability of an individual;
  • an individual's expressed wishes about his or her current or future health services; or 
  • other personal information collected to provide a health service or in connection with, for example, organ donation. 

The health section of the Commissioner's review released in May 2005 contains recommendations regarding the collection of sensitive health information, as well as recommending amendments to NPP 10.2.

For more, see our health section. 

To toptop of page

Tax file numbers

The Tax File Number Guidelines issued under the Privacy Act 1988 protect the privacy of individuals by regulating the collection, storage, use and security of tax file number information. 

Private sector organisations who may lawfully be in possession of the tax file number of another person include:

  • employers; 
  • higher education institutions; 
  • superannuation bodies; 
  • tax agents; 
  • solicitors; 
  • accountants; 
  • investment bodies; 
  • responsible entities of unit trusts; 
  • securities dealers; 
  • banks; 
  • building societies; and 
  • credit unions. 

A person who (lawfully or unlawfully) is in possession or control of a record that contains tax file number information is regarded as a file number recipient.

The Guidelines provide, amongst other things, that:

  • tax file information shall only be requested from individuals or used or disclosed by file number recipients for the purposes of carrying out responsibilities under taxation, assistance agency or superannuation law; and 
  • the tax file number may not be used or disclosed to establish or confirm the identity of, or obtain information about, an individual for any purpose not authorised by taxation, assistance agency or superannuation law.

The rights of individuals under taxation, assistance agency or superannuation law to choose not to quote a tax file number must be respected.

If an individual is required by law - or chooses - to provide information which contains a tax file number (for example a customer providing a document such as a tax return to a credit provider as proof of income) they may delete their tax file number from it. If they do not do so, then the recipient has an obligation to delete the tax file number from the document.

It is therefore important to ensure that these tax file numbers are always carefully deleted from any documents supplied by customers and retained on files.

This includes:

  • tax assessment notices 
  • taxation returns
  • accountant reports etc. 

The Act provides that a breach of the Guidelines is an interference with the privacy of an individual.

Apart from penalties provided for by the Privacy Act, unauthorised use or disclosure of tax file numbers is an offence under the Taxation Administration Act 1953 with a penalty of up to $10,000 fine; 2 years imprisonment; or both.


Allens home | Privacy home | Top of page | Disclaimer | Privacy | Sitemap
Allens Arthur Robinson - a leading international law firm
© 2008 Allens Arthur Robinson, Australia | contactus@aar.com.au

 Allens Arthur Robinson - Clear Thinking