This article is 12 years old. Images might not display.
The privacy rules come into effect on March 12, replacing existing privacy policy and implementing large fines of up to $1.7 million for companies that fail to meet the standard.
"For the first time under Australian information privacy law, organisations have an express obligation to take positive steps to adopt practices and systems to protect personal data in accordance with the APPs," Protiviti IT security and privacy director Aaron Greenman said.
Companies will need to ensure they have processes to deal with the way they handle privacy, including complaints, disclosure to overseas parties and security.
Privacy commissioner Timothy Pilgrim indicated that he would not be lenient in the use of his new power come March 12 due to the policy being in the public domain for some time, giving companies more than a year to prepare.
"This has been a trend globally around tightening privacy principles for industry and for government," Greenland said.
"The [Australian] Privacy Act was put together in 1988, which is some time ago and I guess a lot of things have moved on since then, especially in the technology space.
"There certainly has been a fairly complacent culture in Australia around information management for some time.
"Certainly, over the last few years I've seen that getting a lot better than it was but this is just the Australian government aligning to the global standard of penalties and that kind of thing."
Protiviti has released a number of tips for adhering to the new rules, one of which is establishing governance mechanisms to ensure compliance through the appointment of designated privacy officers.

