Commonwealth Consolidated Acts

[Index] [Table] [Search] [Search this Act] [Notes] [Noteup] [Previous] [Download] [Help]

TRANS-TASMAN MUTUAL RECOGNITION ACT 1997 - SCHEDULE 5

Privacy of information collected under the Act

Note:   See section   39.

Part   1 -- Interpretation

 

1   Interpretation

    In this Schedule:

"consent" means express consent or implied consent.

"individual" means a natural person.

"individual concerned" , in relation to personal information or a record of personal information, means the individual to whom the information relates.

"personal information" means information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.

"record" means:

  (a)   a document; or

  (b)   a database (however kept); or

  (c)   a photograph or other pictorial representation of a person;

but does not include:

  (d)   a generally available publication; or

  (e)   anything kept in a library, art gallery or museum for the purposes of reference, study or exhibition; or

  (f)   letters or other articles in the course of transmission by post.

"solicit" , in relation to personal information, means request a person to provide that information, or a kind of information in which that information is included.

"use" , in relation to information, does not include mere disclosure of the information, but does include the inclusion of the information in a publication.

Part   2 -- Principles

 

2   Solicitation of personal information from individual concerned

    Where:

  (a)   a local registration authority collects personal information under this Act; and

  (b)   the information is solicited by the authority from the individuals concerned;

the authority must ensure that the forms issued to individuals in connection with collecting the information specify:

  (c)   the purpose for which the information is being collected; and

  (d)   any person to whom, or any body or agency to which, it is the authority's usual practice to disclose personal information of the kind so collected, and (if known by the authority) any person to whom, or any body or agency to which, it is the usual practice of that first - mentioned person, body or agency to pass on that information.

3   Storage and security of personal information

    A local registration authority who has possession or control of a record that contains personal information must ensure:

  (a)   that the record is protected, by such security safeguards as it is reasonable in the circumstances to take, against loss, against unauthorised access, use, modification or disclosure, and against other misuse; and

  (b)   that if it is necessary for the record to be given to a person in connection with the provision of a service to the local registration authority, everything reasonably within the power of the authority is done to prevent unauthorised use or disclosure of information contained in the record.

4   Limits on use of personal information

  (1)   A local registration authority who has possession or control of a record that contains personal information that was obtained under this Act for a particular purpose must not use the information for any other purpose unless:

  (a)   the individual concerned has consented to use of the information for that other purpose; or

  (b)   use of the information for that other purpose is required or authorised by or under law; or

  (c)   use of the information for that other purpose is reasonably necessary for enforcement of the criminal law or of a law imposing a pecuniary penalty, or for the protection of the public revenue.

  (2)   Where personal information is used for enforcement of the criminal law or of a law imposing a pecuniary penalty, or for the protection of the public revenue, the local registration authority must include in the record containing that information a note of that use.

5   Limits on disclosure for personal information

  (1)   A local registration authority who has possession or control of a record that contains personal information must not disclose the information to a person, body or agency (other than the individual concerned) unless:

  (a)   the individual concerned is reasonably likely to have been aware, or made aware under the principle set out in clause   2, that information of that kind is usually passed to that person, body or agency; or

  (b)   the individual concerned has consented to the disclosure; or

  (c)   the disclosure is required or authorised by or under law; or

  (d)   the disclosure is reasonably necessary for the enforcement of the criminal law or of a law imposing a pecuniary penalty, or for the protection of the public revenue.

  (2)   Where personal information is disclosed for the purposes of enforcement of the criminal law or of a law imposing a pecuniary penalty, or for the purpose of the protection of the public revenue, the local registration authority must include in the record containing that information a note of the disclosure.

  (3)   A person, body or agency to whom personal information is disclosed under subclause   (1) must not use or disclose the information for a purpose other than the purpose for which the information was given to the person, body or agency.

AustLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback