A legal expert provides a practical guide to help brokers follow Australia's privacy laws
Founder and principle solicitor of Aquarius Lawyers, Katherine Hawes has over 20 years’ legal and business experience and explains how Australia's privacy laws apply to brokers.
Privacy law is complex. Australia is complex. Unfortunately, there is not one specific law which covers all aspects of Privacy Legislation.
Therefore, as mortgage broker who is collecting sensitive and confidential information about your clients you need to be aware of a wide range of acts including the following:
Privacy
Mortgage brokers must conduct their business in a fair, honest and transparent manner and they held accountable for the work that they do. This includes ensuring that your customers have access to PDS and other relevant information in order to make informed decisions about a mortgage. In addition, you should always have your customers best interests in mind by recommending the most suitable loans to them, not just the loan which gives the best commission!
Another requirement of the Privacy Act relates to the collection of information. You should only collect information that is reasonably necessary in order to complete a loan application. This means that you should not be collecting information that is irrelevant such as the dog's birthday so you can send them a card on that day as part of your marketing. The information collected is for the purpose of the loan not to enhance your database of clients.
Keep in mind that the customer can always request to access any information provided to you that is used in an application or claim. If any of the information provided is found to be incorrect, the customer also has the right to request that they information be corrected.
Any personal information you collect but also be kept confidential and in a safe place. Furthermore, the information collected must only be used in the agreed capacity as part of the loan application. It should not be used for any other purpose unless the customer explicitly gives consent.
In the event that you sell the business you also need to ensure that within the contract for sale it includes your database of client’s information.
Privacy in practice
To ensure that you are abiding by Australian privacy laws, it is good practice to e include a confidentiality clause in your customer contracts. For example:
Confidential Information includes any information, data or practice pertaining to a party, or customer, or insurer, or insurance broker which a party becomes aware of when negotiating or performing this agreement for the issuing of insurance policies. It does not include information that is available to the public or that later becomes available to the public (unless it became available to the public due to a breach of this agreement)
If you have a website, you also need to include your Privacy Policy. This should include the following information:
Mortgage brokers may use social media such as Facebook, Google + and Twitter to market their business and also keep their customers informed about anything which may impact them such as policy changes or updates. When posting anything online, you should question whether you would publicize what you are about to say in the Sunday newspaper. If you decide that you wouldn’t, then you shouldn’t post it online either!
When it comes to your staff, It is important that they also understand that they cannot post any information about their clients. Even if they don’t name the actual client, if people can piece together the identity of the client then it is classified as a breach. For example, if a post states that they helped their next door neighbor with a $1 million business loan and they saved them a huge amount of cash - it would also be a breach of personal information. Also remember that even if you attend industry or networking events, you can't discuss your clients personal information. This includes whether they are getting divorced or having a major operation or buying an investment property!
Always remember that social media is easily accessed by millions of people around the world. While this can be a huge advantage for creating awareness of your business’ brand, you need to be careful, because if you reveal something that you shouldn’t, it can spread to millions of people in no time! Therefore, your social media profile should not interfere with anybody’ privacy or confidentiality. In regard to confidentiality, you should ensure that you do not reveal trade secrets online as this could be extremely damaging to your competitive edge.
With over 20 years’ legal and business experience, Katherine Hawes is the founder and principle solicitor of Aquarius Lawyers.To find out more about her fixed rate small business packages, please see www.newagelegalsolutions.com.au
Privacy law is complex. Australia is complex. Unfortunately, there is not one specific law which covers all aspects of Privacy Legislation.
Therefore, as mortgage broker who is collecting sensitive and confidential information about your clients you need to be aware of a wide range of acts including the following:
- Personal Properties Securities Act 2009
- National Credit Act 2010
- National Consumer Credit Protection Act 2009
- Corporations Act
- Responsible Lending Criteria
- MFAA Code of Practice
Privacy
Mortgage brokers must conduct their business in a fair, honest and transparent manner and they held accountable for the work that they do. This includes ensuring that your customers have access to PDS and other relevant information in order to make informed decisions about a mortgage. In addition, you should always have your customers best interests in mind by recommending the most suitable loans to them, not just the loan which gives the best commission!
Another requirement of the Privacy Act relates to the collection of information. You should only collect information that is reasonably necessary in order to complete a loan application. This means that you should not be collecting information that is irrelevant such as the dog's birthday so you can send them a card on that day as part of your marketing. The information collected is for the purpose of the loan not to enhance your database of clients.
Keep in mind that the customer can always request to access any information provided to you that is used in an application or claim. If any of the information provided is found to be incorrect, the customer also has the right to request that they information be corrected.
Any personal information you collect but also be kept confidential and in a safe place. Furthermore, the information collected must only be used in the agreed capacity as part of the loan application. It should not be used for any other purpose unless the customer explicitly gives consent.
In the event that you sell the business you also need to ensure that within the contract for sale it includes your database of client’s information.
Privacy in practice
To ensure that you are abiding by Australian privacy laws, it is good practice to e include a confidentiality clause in your customer contracts. For example:
- Unless otherwise stipulated in this clause, the parties to the contract must not disclose confidential information.
- The confidential information collected by us will only be used for the agreed purpose or as required by law.
- If a court, regulatory body or government requests access to confidential information, only the necessary information will be disclosed. Also, the party disclosing the information should advise the other party involved prior to disclosing this information.
- The parties to the contract are permitted to reveal confidential information to certain people or agencies such as other insurer, accountants and advisors.
- This clause survives termination.
Confidential Information includes any information, data or practice pertaining to a party, or customer, or insurer, or insurance broker which a party becomes aware of when negotiating or performing this agreement for the issuing of insurance policies. It does not include information that is available to the public or that later becomes available to the public (unless it became available to the public due to a breach of this agreement)
If you have a website, you also need to include your Privacy Policy. This should include the following information:
- How you collect personal information
- What kind of personal information is collected
- How this personal information is used
- The disclosure of information to others
- Information about customers accessing and correcting information
- How personal information is stored
- Information about the possibility of the privacy policy changing at any time, without notification.
Mortgage brokers may use social media such as Facebook, Google + and Twitter to market their business and also keep their customers informed about anything which may impact them such as policy changes or updates. When posting anything online, you should question whether you would publicize what you are about to say in the Sunday newspaper. If you decide that you wouldn’t, then you shouldn’t post it online either!
When it comes to your staff, It is important that they also understand that they cannot post any information about their clients. Even if they don’t name the actual client, if people can piece together the identity of the client then it is classified as a breach. For example, if a post states that they helped their next door neighbor with a $1 million business loan and they saved them a huge amount of cash - it would also be a breach of personal information. Also remember that even if you attend industry or networking events, you can't discuss your clients personal information. This includes whether they are getting divorced or having a major operation or buying an investment property!
Always remember that social media is easily accessed by millions of people around the world. While this can be a huge advantage for creating awareness of your business’ brand, you need to be careful, because if you reveal something that you shouldn’t, it can spread to millions of people in no time! Therefore, your social media profile should not interfere with anybody’ privacy or confidentiality. In regard to confidentiality, you should ensure that you do not reveal trade secrets online as this could be extremely damaging to your competitive edge.
With over 20 years’ legal and business experience, Katherine Hawes is the founder and principle solicitor of Aquarius Lawyers.To find out more about her fixed rate small business packages, please see www.newagelegalsolutions.com.au