<html dir="ltr"><head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-2022-jp">
<style id="owaTempEditStyle"></style><style title="owaParaStyle"><!--P {
MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px
}
--></style>
</head>
<body ocsi="x">
<div style="FONT-FAMILY: Tahoma; DIRECTION: ltr; COLOR: #000000; FONT-SIZE: 13px">
<div></div>
<div dir="ltr"><font color="#000000" size="2" face="Tahoma">Hi Folks,</font></div>
<div dir="ltr"><font size="2" face="tahoma"></font> </div>
<div dir="ltr"><font size="2" face="tahoma"> Just looking at Checkpoints 2010 and Q3 in Ch 5 on Legal and Ethical responsibilities of Organisations :</font></div>
<div dir="ltr"><font size="2" face="tahoma"></font> </div>
<div dir="ltr"><font size="2" face="tahoma">Q3) A website that collects data from a user must display a privacy policy under the Privacy Act 1988. What information much be contained in the privacy policy ?</font></div>
<div dir="ltr"><font size="2" face="tahoma">Suggested answer: a) the data to be gathered by the site</font></div>
<div dir="ltr"><font size="2" face="tahoma"> b) how the organisation intends to use the data</font></div>
<div dir="ltr"><font size="2" face="tahoma"> c) An option for the user to disallow the collected data to be used for other purposes.</font></div>
<div dir="ltr"><font size="2" face="tahoma"></font> </div>
<div dir="ltr"><font size="2" face="tahoma"> Now, under NPP 5, </font></div>
<div dir="ltr"><font size="2"><b><font size="3"></font></b></font> </div>
<font size="2"><b><font size="3">
<div dir="ltr">
<dir>
<dir>
<dir>
<b><font size="3">
<p align="left">5 Openness </p>
</b></font><font size="2" face="Arial,Arial"><font size="2" face="Arial,Arial">
<p align="left">5.1 An organisation must set out in a document clearly expressed policies on its management of personal information. The organisation must make the document available to anyone who asks for it.
</p>
</dir>
</dir>
</dir>
</div>
<blockquote style="MARGIN-RIGHT: 0px" dir="ltr">
<blockquote style="MARGIN-RIGHT: 0px" dir="ltr">
<blockquote style="MARGIN-RIGHT: 0px" dir="ltr">
<p>5.2 On request by a person, an organisation must take reasonable steps to let the person know, generally, what sort of personal information it holds, for what purposes, and how it collects, holds, uses and discloses that information.
</p>
<p><font face="arial"></font> </p>
</blockquote>
</blockquote>
</blockquote>
<p dir="ltr"><font face="arial">and NPP 2, </font></p>
<p align="left"> </p>
<dir>
<dir>
<dir>
<p align="left"><b><font size="3">2 Use and disclosure </p>
</b></font><font size="2" face="Arial,Arial"><font size="2" face="Arial,Arial">
<p align="left">2.1 An organisation must not use or disclose personal information about an individual for a purpose (the
</font></font><b><i><font size="2" face="Arial,Arial"><font size="2" face="Arial,Arial">secondary purpose</b></i></font></font><font size="2" face="Arial,Arial"><font size="2" face="Arial,Arial">) other than the primary purpose of collection unless:
</p>
<dir>
<dir>
<p align="left">(a) both of the following apply: </p>
<dir>
<p align="left">(i) the secondary purpose is related to the primary purpose of collection and, if the personal information is sensitive information, directly related to the primary purpose of collection;
</p>
<p align="left">(ii) the individual would reasonably expect the organisation to use or disclose the information for the secondary purpose; or
</p>
</dir>
</dir>
</dir>
</dir>
</dir>
</dir>
<blockquote style="MARGIN-RIGHT: 0px" dir="ltr">
<blockquote style="MARGIN-RIGHT: 0px" dir="ltr">
<blockquote style="MARGIN-RIGHT: 0px" dir="ltr">
<blockquote style="MARGIN-RIGHT: 0px" dir="ltr">
<blockquote style="MARGIN-RIGHT: 0px" dir="ltr">
<p>(b) the individual has consented to the use or disclosure; or </p>
<p><font face="arial"></font> </p>
<p><font face="arial">a long list follows ......</font></p>
<p><font face="arial"></font> </p>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<p dir="ltr"> I am just wondering if the original question has missed the point about;</p>
<p dir="ltr"><font face="arial"></font> </p>
<p dir="ltr"><font face="arial"> a) the nature of the organisation ... private or government ?
</font></p>
<p dir="ltr"><font face="arial"> b) if private, the issue about turnover required to be greater than $3 million per year</font></p>
<p dir="ltr"><font face="arial"> c) no mention of trading in personal information or collecting health information therefore more likely privacy laws do not apply if under $3 million</font></p>
<p dir="ltr"><font face="arial"> d) An option for the user to disallow the collected data to be used for other purposes .... suggests disclosure for other purposes is the default position and the user has to make the effort to veto it rather than the other
way around.</font></p>
<p dir="ltr"> </p>
<p dir="ltr"><font face="arial"></font> </p>
<p dir="ltr"><font face="arial"></font> </p>
<p dir="ltr"><font face="arial">Kind Regards</font></p>
</blockquote>
</font></font>
<p dir="ltr"><font face="arial"></font> </p>
</font></font></b></font></font>
<div dir="ltr"><font size="2" face="tahoma"></font> </div>
<div dir="ltr"><font size="2" face="tahoma"></font> </div>
<div dir="ltr"><font size="2" face="tahoma"></font> </div>
<div><font size="2" face="Tahoma">Kevork Krozian<br>
<font face="tahoma">Digital Learning Manager</font><br>
<font face="tahoma">Forest Hill College</font></font></div>
<div><font size="2" face="tahoma"><a href="mailto:k.krozian@fhc.vic.edu.au">k.krozian@fhc.vic.edu.au</a><br>
<font face="tahoma">Tel: 0419 356 034</font></font></div>
</div>
</body>
</html>