What can the Privacy Commissioner do about breaches of privacy...

Individuals have the right to access personal information that an organisation holds about them.  Since the new Privacy Act came into force on 1 December 2020, the Privacy Commissioner now has the power to order that access to an individual’s personal information is given if the organisation refuses to do so.

The Privacy Commissioner can also issue a Compliance Notice to organisations that fail to comply with their obligations under the Privacy Act.  A Compliance Notice can require an organisation to do something to comply, or to stop doing something so that they comply.  Both of those orders can be appealed to the Human Rights Tribunal. 

The Privacy Commissioner can also seek that organisations and individuals be fined up to $10,000 for:

(a)  Failing to comply with a Compliance Notice;

(b)  Destroying personal information that has been requested;

(c)  Failing to notify the Privacy Commissioner of a “notifiable” privacy breach that has caused, or is likely to cause, serious harm; or

(d)  Misleading an agency to access someone else’s personal information, for example, impersonating that person.

The Privacy Commissioner is now able to make decisions on breaches of privacy which will greatly speed up the process for people complaining about breaches. 

Leading law firms committed to helping clients cost-effectively will have a range of fixed-price Initial Consultations to suit most people’s needs in quickly learning what their options are.  At Rainey Collins we have an experienced team who can answer your questions and put you on the right track.