Assessment of ABC IT Company's Privacy Policy and Recommendations

Verified

Added on 2022/10/19

AI Summary

This report analyzes the privacy policy of ABC IT Company, focusing on its compliance with the Australian Privacy Act 1988. The report, prepared by a student, examines the company's adherence to key principles such as data collection, use, disclosure, and security, as well as the handling of sensitive information. It highlights the legal responsibilities of the company, particularly if it is a private sector entity with an annual turnover exceeding $3 million. The report identifies areas where the policy aligns with the Act and areas needing improvement, such as the correct channel for complaints. The student provides suggestions for enhancing the policy's effectiveness, emphasizing the importance of data minimization, lawful collection methods, and the proper disposal of obsolete information. The report also mentions the crucial role of the Privacy Commissioner and the need for clear guidelines on handling privacy breaches. Finally, the report references relevant academic sources to support its findings and recommendations.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

IT Networking Design
Introduction:
As an IT consultant working for ABC IT Company the manager has assigned a task to review
the Privacy Policy of ABC IT Company. It is required to review this policy and report on its
compliance with the privacy legislation ( as per Australian Privacy Act, 1988).
Review:
It is the legal responsibility of the ABC IT Company to have a Corporate Privacy Policy if it
is a private sector company or a non-profit organisation having an annual turnover greater
than $3 million (Svantesson 2010). The 10 steps to protect other people’s personal
information include the collection, use and disclosure, information quality and security,
openness, access and correction, identifiers, anonymity, trans border data flows and sensitive
information (Tucker 1992). The data collected, stored and destroyed is as per the policy
requirement (Otlowski 2007). The information must not be disclosed, if it does not involve
business dealing related data. The employee responsibility is marked as per the policy, but
just Privacy Commissioner must be approached in case of any concern. There is no need of
signing the confidentiality agreement by the sub-contractor as per the Australian Privacy Act,
1988.
There are some alterations which can be made in the policy.
The organisation cannot collect any information if it is not necessary for any of its function or
activity. The data that ABC IT Company is collecting must be useful for any function or
activity. If it is not so, then the company cannot collect that information. The personal
information must be collected in lawful manner. The personal information of an individual
must be collected from him only and not from any other person or organisation.
The personal information of an individual can be disclosed by the organisation only under
certain restrictions like if the information is not a sensitive information. If any personal
information is of no use, it is the responsibility of the company to destroy it timely.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Suggestions:
Some suggestions are : In the section ‘Dealing with Complaints’, it is mentioned to contact
the Human Resources Department, but it must be reported to the Privacy Commisioner
(Sibthorpe 1995). An individual can contact the Privacy Commissioner if he feels that his
privacy is being interfered by any act or any practice. The privacy policy designed by the
company is good to some extent but can be made better by implementing these small
changes. It is helpful to maintain the integrity, confidentiality and availability of the
information.
References
Svantesson, D. and Clarke, R., 2010. Privacy and consumer risks in cloud
computing. Computer law & security review, 26(4), pp.391-397.
Tucker, G., 1992. Information privacy law in Australia (pp. 59-137). London: Longman
Professional.
Otlowski, M.F., 2007. Disclosure of genetic information to at‐risk relatives: recent
amendments to the Privacy Act 1988 (Cwlth). Medical Journal of Australia, 187(7), pp.398-
399.
Sibthorpe, B., Kliewer, E. and Smith, L., 1995. Record linkage in Australian epidemiological
research: health benefits, privacy safeguards and future potential. Australian journal of public
health, 19(3), pp.250-256.