top of page
Search

Privacy Law Reform: What It Means for Your Business

  • Writer: Faye Absalon
    Faye Absalon
  • Aug 29
  • 2 min read

From August 2025, new reforms to the Privacy Act are now in effect. These changes give individuals, including employees, the right to take legal action if their privacy is seriously invaded.


For small businesses, this means that even if existing privacy laws did not previously apply, there is now a wider responsibility to protect staff information and avoid intrusive practices.


The new law recognises two main kinds of breaches:


  • Intrusion into seclusion, such as hidden cameras, monitoring personal emails or webcams without consent, or checking an employee’s location outside work hours without a lawful reason.

  • Misuse of personal information, such as sharing someone’s medical history with others, mishandling payroll or identification data, or posting personal details online without their knowledge.


Even an accidental mistake, like sending sensitive HR records to the wrong person and not correcting it quickly, could now lead to legal action. Importantly, a business can be held responsible even if it was a single staff member who caused the issue.


The consequences can be serious. Businesses may face:


  • Damages of up to $478,550 for a single claim

  • Court orders requiring changes, corrections, or even formal apologies

  • Reputational damage if the issue becomes public


While the employee records exemption under the Privacy Act still exists, it only covers some information collected during employment. These new rules reach further and apply whenever staff privacy is not properly respected or secured.


This is the time to:


  • Review your privacy and IT systems, especially how data is stored and who has access

  • Train managers and staff on appropriate handling of sensitive information

  • Be cautious with surveillance tools or trackers, and only use them for clear and lawful purposes

  • Encourage a workplace culture where staff respect personal information and avoid casual sharing of private details


This reform is not just about compliance. Employees now expect their privacy to be taken seriously. By being transparent, careful, and respectful, you can reduce legal risk while also building stronger trust in your workplace.


Disclaimer: This article is intended to provide general guidance and is not specific advice. We encourage you to seek tailored advice for your circumstances.

 

Comments

bottom of page