Australian Privacy Principles Quiz and Flashcards

Questions and Answers

What is one of the requirements of open and transparent management of personal information?

Giving individuals the option to not identify themselves or use a pseudonym (correct)

Collecting personal information without individual's consent

Disclosing personal information without individual's consent

Requiring individuals to provide their identification

What applies higher standards to the collection of personal information?

Publicly available information

Non-sensitive information

Personal information of employees

Sensitive information (correct)

When can an APP entity disclose personal information for direct marketing purposes?

Only with individual's consent

At any time

If certain conditions are met (correct)

Never

What must an APP entity take reasonable steps to ensure regarding personal information it collects?

It is accurate, up to date and complete Signup and view all the answers

What is an APP entity's obligation when an individual requests access to personal information?

To provide access unless a specific exception applies Signup and view all the answers

What must an APP entity take reasonable steps to protect personal information from?

All of the above Signup and view all the answers

When can an APP entity adopt a government related identifier of an individual as its own identifier?

In limited circumstances Signup and view all the answers

What is an APP entity's obligation regarding the security of personal information?

To take reasonable steps to protect it Signup and view all the answers

What must an APP entity do with personal information in certain circumstances?

Destroy or de-identify it Signup and view all the answers

What is the purpose of the steps an APP entity must take to protect personal information before it is disclosed overseas?

To protect the personal information Signup and view all the answers

Study Notes

Open and Transparent Management of Personal Information

Individuals have the option to not identify themselves or use a pseudonym, with limited exceptions.
(APP entities must outline when personal information can be collected, with higher standards for sensitive information.

Collection and Notification

An APP entity must notify individuals about certain matters when collecting personal information.
Notification includes information about the collection, use, and disclosure of personal information.

Use and Disclosure of Personal Information

APP entities can only use or disclose personal information for direct marketing purposes if certain conditions are met.
Entities must protect personal information before disclosing it overseas.

Limited circumstances allow an organisation to adopt, use, or disclose a government-related identifier of an individual.

Quality of Personal Information

APP entities must ensure personal information is accurate, up-to-date, complete, and relevant.

Security of Personal Information

Entities must protect personal information from misuse, interference, loss, unauthorised access, modification, or disclosure.
Personal information must be destroyed or de-identified in certain circumstances.

Access to Personal Information

Entities must provide access to personal information upon request, unless an exception applies.
Entities must correct personal information about individuals upon request.

Australian Privacy Principles