What Data Types should I record for compliance with the Australian Privacy Act?
Complying with the Australian Privacy Act means managing personal information responsibly. A critical part of this is keeping a detailed record of the data types your organisation collects and handles. This article will guide you through some key data types you should consider recording to ensure compliance.
Please keep in mind that this article is general in nature only. Professional advice on specific matters should be sought from lawyers under a Costs Agreement to which Legal Professional Privilege (LPP) applies.
1. Personal Identification Information
This includes any information that can be used to identify an individual. Examples include:
- Full names
- Date of birth
- Address (physical and email)
- Phone numbers
- Driver’s licence, passport, or other government-issued IDs
Why record it?
Personal identification information is central to privacy compliance. Keeping accurate records helps ensure this data is collected, used, and stored properly.
2. Sensitive Information
Sensitive information is a special category under the Privacy Act and requires extra protection. This includes:
- Health information
- Racial or ethnic origin
- Political opinions
- Religious beliefs
- Sexual orientation
- Criminal records
Why record it?
Sensitive information has stricter requirements under the Privacy Act. Recording it ensures your organisation applies the necessary safeguards.
3. Financial Information
This includes any data related to an individual’s financial status, such as:
- Bank account details
- Credit card numbers
- Payment histories
Why record it?
Financial information is highly sensitive and a prime target for breaches. Properly recording this data helps ensure it's protected and used only for intended purposes.
4. Employment Information
- Employment history
- Salary details
- Tax file numbers
- Superannuation details
Why record it?
Employment information is essential for managing HR functions but must be handled in compliance with the Privacy Act.
5. Contact Information
Apart from personal identification, other contact details might include:
- Emergency contact numbers
- Business addresses
- Email subscriptions and preferences
Why record it?
Accurately recording contact information ensures you can manage communications in line with individual preferences and legal obligations.
6. Customer and Client Data
For businesses, this involves any data collected during transactions or service delivery, such as:
- Purchase history
- Service inquiries
- Feedback and reviews
Why record it?
Maintaining a record of customer data helps in providing better services while ensuring compliance with privacy laws.
7. Location Data
Any data that shows the physical location of an individual, such as:
- GPS coordinates
- IP addresses
- Billing addresses
Why record it?
Location data is personal information and must be handled with care to avoid privacy breaches.
8. Biometric Data
This includes unique physical characteristics used for identification, like:
- Fingerprints
- Facial recognition
- Voice recognition
Why record it?
Biometric data is highly sensitive and requires strict controls under the Privacy Act.
Keeping a detailed record of these data types is essential for ensuring compliance with the Australian Privacy Act. Not only does it help you meet legal requirements, but it also strengthens your organisation's data management practices, safeguarding against potential breaches and maintaining trust with individuals whose data you handle.