Shockingly, the OAIC found that 55% of the policies reviewed did not meet one or more of the basic content requirements under APP 1.4 (the Australian Privacy Principle which governs the content of and form of APP privacy policies). These organisations and agencies are not alone – many organisations and agencies are yet to take the necessary steps to update their privacy policies.
What kind of privacy policies were those companies and organisations supposed to have?
What else did the OAIC find?
Lavan Legal comment