Privacy implications for family historians
Despite what you may have been told, Family History Organisations
and private individuals (as defined by Section 6C(1) of
the Privacy Act) are required to comply with the new private
sector provisions of the Australian Privacy Act that came
into effect on 21 December 2001.
Of course this is nothing new as people have always had
the right under common law to take anyone to task if they
are aggrieved, regardless of any new privacy laws. The difference
now is that the enactment of such laws has raised people's
awareness and they may be tempted to undertake civil action.
Regardless of whether they are successful or not, there
would be very few individuals or societies and their management
teams keen to endure such an ordeal!
The Privacy Act applies to personal information, which is
information about any identifiable individual. We are now
subject to the act and so we may as well get used to it!
If you wish to make yourself more familiar with all of the
issues, check out the web site of the Office of the Federal
Privacy Commissioner at: www.privacy.gov.au
It should be noted that Australia has an obligation to the nation to legislate privacy protection in the private sector since they signed the OECD Privacy Guidelines.
The objects of the Privacy Act are...
1. To establish a single scheme relating to the appropriate collection, holding, use, correction, disclosure and transfer of personal information held by government and private sector organisations.
2. To meet international obligations in regard to personal information.
3. To recognise the individual _s interest in protecting their privacy.
As far as the reader is concerned there are just a few issues they need to take into account when collecting and distributing their research findings and they only apply to living people...
1. Gain written permission from the individual to use or store their personal information.
2. Only use the information for the purpose you said for which you were collecting it.
3. Do not pass on the data to another party unless specific written permission is given.
4. Allow the person to update their information if they request.
5. Respect an individual's right to require non-disclosure of personal data.
The Act clearly defines personal information and it is covered by these criteria include using the person's name in conjunction with a:
1. private address, and/or,
2. telephone number, and/or,
3. credit, financial and/or banking record or details, and/or,
4. parent or child's name, and/or,
5. record of birth, marriage or death, and/or,
6. motor vehicle registration record, and/or,
7. health or medical record, and/or,
8. employment record, and/or,
9. any material about the individual which may lead to disclosure of any of the above or any material deemed sensitive as defined in Section 6 of the Privacy Act or any material which an individual deems to be private and have advised accordingly.
Sensitive information is a subset of personal information. It means information or opinion about an individual _s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record or health information about an individual.
The criteria only apply to living people except where as indicated in #4 above the identification of a deceased person may reveal personal data of a living person.
The requirements of the Act are not retrospective and you need only address issues from 21 Dec 2001. There are examples where retrospectivity does apply to present and past living members records as outlined above.
Graham Jaunay BA DipT MACE AAGRA
|
