Are You Doing Enough
to Protect Your Employees’ Personal Information?
 Protecting personal information is increasingly important in today’s world where such information can be easily stolen or misused. As an employer who collects personal and potentially sensitive information about your employees, have you taken a minute to think about what you can do to protect their personal information and privacy rights?
Most Australian organisations have obligations under
the Privacy Act to treat personal information more carefully than other types of information. If you’re unsure whether the Privacy Act applies to your organisation, visit the website of the Office of the Australian Information Commissioner (OAIC) and access their business guidance resources at www.oaic.gov.au
Personal information can be any information about an individual including a person’s name, birthday, bank account details, superannuation member number or even where they work. Some information may also be sensitive, such as membership of professional associations and/or trade unions, health records, religious beliefs, and more.
By sharing such information, intentionally or not, you are exposing your employees and your organisation to potentially serious consequences, such as:
• Identity theft and fraud
• Harassment
• Lawsuits and/or penalties
• Reputational and/or financial loss
 Don’t expose your business to such risks. Here are some dos and don’ts when it comes to protecting your employees’ information and your business:
  DOs
DON’Ts
  Store personal information and confidential documents in locked file cabinets or on a secure IT system.
Don’t share employees’ personal information with third parties, unless necessary (e.g. when required by government agencies or only when authorised by employees).
  Minimise personnel access to employees’ personal information and confidential files.
 Don’t publish employees’ personal information (e.g. personal mobile numbers, emails, etc.) unless authorised to do so.
  Securely dispose of personal and confidential information when it is no longer required for any business or legal purpose.
  Don’t retain personal data when it is no longer required for any business or legal purpose.
   This article was brought to you by Cbus, the industry super fund for building, construction and allied industries as guidance only and does not constitute as advice. Cbus encourage employers to seek their own independent legal advice in relation to privacy obligations. For more information about Cbus visit www.cbussuper.com.au or call us on 1300 361 784. Cbus’ Trustee: United Super Pty Ltd ABN 46 006 261 623 AFSL 233792 Cbus ABN 75 493 363 262.
The Master Painter Autumn 2019 37
IIndustry News