|
|
[Home] [Databases] [Search] [Feedback] [Help] | |
Privacy Law Resources |
Part IIIAA--Privacy codes
(2) The Commissioner may approve a privacy code if, and only if, theCommissioner is satisfied:
(a) that the code incorporates all the National Privacy Principles or sets outobligations that, overall, are at least the equivalent of all the obligationsset out in those Principles; and
(b) that the code specifies the organisations bound by the code or a way ofdetermining the organisations that are, or will be, bound by the code; and
(c) that only organisations that consent to be bound by the code are, or willbe, bound by the code; and
(d) that the code sets out a procedure by which an organisation may cease tobe bound by the code and when the cessation takes effect; and
(e) of the matters mentioned in subsection (3), if the code sets outprocedures for making and dealing with complaints in relation to acts orpractices of an organisation bound by the code that may be an interference withthe privacy of an individual; and
(f) that members of the public have been given an adequate opportunity tocomment on a draft of the code.
(3) If the code sets out procedures for making and dealing with complaints,the Commissioner must be satisfied that:
(a) the procedures meet:
(i) the prescribed standards; and
(ii) the Commissioner's guidelines (if any) in relation to making and dealingwith complaints; and
(b) the code provides for the appointment of an independent adjudicator towhom complaints may be made; and
(c) the code provides that, in performing his or her functions, and exercisinghis or her powers, under the code, an adjudicator for the code must have dueregard for the protection of important human rights and social interests thatcompete with privacy, including the general desirability of a free flow ofinformation (through the media and otherwise); and
(d) the determinations, findings, declarations, orders and directions that theadjudicator may make under the code after investigating a complaint are thesame as those that the Commissioner may make under section 52 afterinvestigating a complaint under this Act; and
(e) the code obliges an organisation bound by the code not to repeat orcontinue conduct of the organisation declared by the adjudicator (afterinvestigating a complaint) to constitute an interference with the privacy ofthe complainant; and
(f) the code obliges an organisation bound by the code to perform an act orcourse of conduct that the adjudicator has declared (after investigating acomplaint) that the organisation should perform to redress loss or damagesuffered by the complainant; and
(g) the code requires organisations bound by the code to co-operate with theadjudicator when the adjudicator is performing functions or exercising powersunder the code; and
(h) the code requires a report (in a form satisfactory to the Commissioner) tobe prepared as soon as practicable after 30 June each year on the operation ofthe code during the financial year that ended on that 30 June; and
(i) the code requires that a copy of each report is to be given to theCommissioner within a timetable that is satisfactory to the Commissioner; and
(j) the code requires that a copy of each report is to be made available toanyone who asks for it; and
(k) the code requires the report prepared for each year to include the number,nature and outcome of complaints made to an adjudicator under the code duringthe relevant financial year; and
(l) the code identifies a person who is responsible for the requirements inthis subsection relating to the annual report for the code.
(4) In deciding whether to approve a privacy code, the Commissioner mayconsider the matters specified in guidelines issued by the Commissioner (ifany).
(5) An approval must be in writing.
(6) This section does not prevent the Commissioner approving a privacy codeif:
(a) the code also sets out:
(i) the period during which it will operate; or
(ii) the circumstances in which it will expire; and
(b) the Commissioner considers that the period or circumstances areappropriate.
(7) This section does not prevent the Commissioner approving a privacy code ifthe code is expressed to apply to:
(a) all personal information or a specified type of personal information; or
(b) a specified activity or class of activities of an organisation; or
(c) a specified industry sector and/or profession; or
(d) a specified class of industry sectors and/or professions.
(2) The day specified must not be before the day on which the approval is given.
(2) The Commissioner may approve in writing the variation.
(3) In deciding whether to approve the variation, the Commissioner mustconsider all of the matters that the Commissioner would consider in decidingwhether to approve under section 18BB a privacy code identical to the approvedprivacy code with the variation.
(4) However, if the Commissioner thinks that a variation is minor, he or sheneed not be satisfied that members of the public have been given an adequateopportunity to comment on a draft variation of the code (as would otherwise berequired by paragraph 18BB(2)(f)). Instead, the Commissioner may consult anyperson he or she thinks appropriate about the draft variation.
(5) The approval of the variation takes effect on the day specified in theapproval.
(6) The day specified must not be before the day on which the approval is given.
(a) on his or her own initiative; or
(b) on application by an organisation that is bound by the code.
(2) Before deciding whether to revoke the approval of a code or variation, theCommissioner must:
(a) if practicable, consult the organisation that originally sought approvalof the code or variation; and
(b) consult any other person the Commissioner considers appropriate; and
(c) consider the extent to which members of the public have been given anopportunity to comment on the proposed revocation.
(3) A revocation must be in writing.
(4) A revocation comes into effect on the day specified in the revocation.
(5) The day specified must not be before the day on which the revocation ismade.
(a) written guidelines to assist organisations to develop privacy codes or toapply approved privacy codes; and
(b) written guidelines relating to making and dealing with complaints underapproved privacy codes; and
(c) written guidelines about matters the Commissioner may consider in decidingwhether to approve a privacy code or a variation of an approved privacy code.
(2) The Commissioner may publish the guidelines in any way the Commissionerconsiders appropriate.
(2) The Commissioner may decide the form of the register and how it is to bekept.
(3) The Commissioner must make the register available to the public in the waythat the Commissioner determines.
(4) The Commissioner may charge fees for:
(a) making the register available to the public; or
(b) providing copies of, or extracts from, the register.
WorldLII:
Copyright Policy
|
Disclaimers
|
Privacy Policy
|
Feedback
URL: http://www.worldlii.org/int/other/PrivLRes/2000/1-00-4.html