If your business has an annual turnover of over $3 million, then it needs to comply. The Privacy Act 1988* currently protects personal information handled by large businesses and health service providers of any size
If your RTO has an annual turnover of $3 million or less AND is it either:
- a health service provider?
- related to a larger business?
- a contractor that provides services under a Commonwealth contract?
If so, your RTO may need to comply with the Privacy Act.
There is a checklist that the Office of the Australian Commissioner (OAIC) has prepared here.
The steps in the Checklist should help you decide if your small business needs to comply with the Privacy Act. If you are still not sure if your business needs to comply you may need to get more advice from your lawyer or other advisers.
Specific state information
To find out more about the privacy regulation in the States and Territories, go to this link.