February 22 is an important date for start-ups and small business owners: it is the date that the Privacy Amendment (Notifiable Data Breaches) Act 2017 comes into full effect.
Okay, so what does that mean for you and your business?
Basically, this Act applies to you if your business provides a service that collects tax file numbers (TFNs), or a health service that involves any of the following:
- assessing, maintaining or improving a person’s physical or psychological health; or
- where a person’s health cannot be maintained or improved – managing the person’s health;
- diagnosing or treating a person’s illness or disability; or
- recording a person’s health for the purposes of assessing, maintaining, improving or managing the person’s health;
- dispensing a prescription drug or medicine by a pharmacist.
This affects businesses such as:
- Remedial massage therapist
- Yoga teacher
- Healer using any modality
- Personal trainer
- Any complementary or allied health or therapy service
- A tax agent or accountant, or any service that requires you to collect tax file numbers.
What is a notifiable data breach?
1. Unauthorised access to, or unauthorised disclosure of, personal information, or a loss of personal information, that a business holds;
2. that is likely to result in serious harm to someone; and
3. where the business has not been able to prevent the likely risk of serious harm with remedial action. (‘Serious harm’ can be psychological, emotional, physical, reputational, or other forms of harm.)
This is it in a nutshell. This is not individual advice. There are a lot of elements to this amendment that do not apply to everyone and will apply to some, depending on your individual business.
Feel free to ask questions in the post comments or message me if you need to discuss any issues particular to your circumstances.
Lawyer, Contract Specialist, Speaker & Advocate for Women in Business.
Drawing on more than 15 years’ experience as a lawyer and a woman in business, Shalini Nandan-Singh helps Australian service-based entrepreneurs protect their businesses and their bottom lines with empowered legal advice and contracts.
Encouraging listeners to #loveyourlegals, Shalini firmly believes that business legals should be an authentic extension of your business. Her goal is to educate audiences that, rather than being confusing legalese, business legals should create positive business boundaries that support you in working with your clients with compassion and understanding.
Disclaimer: This blog is written to support business owners to consider legal requirements and issues that may arise in business. The information provided is for general and educational purposes only. It is not intended as legal advice for your individual circumstances. Please consult your lawyer for advice specific to you and your business.