Released every month our debt collection blog contains news, stories and tips to keep you informed.
It should be noted that APP 11.2 imports an obligation to destroy or de-identify personal information. Australian Privacy Principal 1 requires all APP entities to take reasonable steps to implement practices, procedures and systems relating to the entity's functions that will ensure the entity complies with the APPs and any binding registered APP Code.
LCollect is currently undertaking steps to ensure we can delete or de-identify personal information no longer required to be held by any other law. As we are largely a paperless office, this exercise is largely an IT one and developing the correct programming parameters for the deletion of data.
LCollect has also raised this issue with our industry body (the Institute of Mercantile Agents (IMAL)) to ensure all mercantile agencies including process servers, field agents etc are across this obligation..
Australian Privacy Principle 11 — security of personal information
11.1 If an APP entity holds personal information, the entity must take such steps as are reasonable in the circumstances to protect the information:
(a) from misuse, interference and loss; and
(b) from unauthorised access, modification or disclosure.
(a) an APP entity holds personal information about an individual; and
(b) the entity no longer needs the information for any purpose for which the information may be used or disclosed by the entity under this Schedule; and
(c) the information is not contained in a Commonwealth record; and
(d) the entity is not required by or under an Australian law, or a court/tribunal order, to retain the information;
the entity must take such steps as are reasonable in the circumstances to destroy the information or to ensure that the information is de-identified.