Privacy of Society and Charity Records

2011 Article, updated November 2017 The problem – ignorance about the Privacy Act 1993 For many lawyers and other professionals the implications of the Privacy Act 1993 are scarcely “top of mind,” or particularly well-known and well-understood.  Briefly, the Privacy Act controls how what are called “agencies” in the Act collect, use, disclose, store and give access to “personal information.”  An “agency” is “any person or body of persons, whether corporate or unincorporate, and whether in the public sector or in the private sector …” so the Act clearly covers incorporated and unincorporated societies and charities. In response to my request for topics for this series of articles some years ago, a staff member at the Privacy Commissioner’s office advised me that they receive a number of complaints about how small organisations like charities and societies handle privacy issues such as requests for personal information.  Such privacy issues usually arise in the context of disputes between members, or between the committee and members.  As is normal with most community organisations, the committee and officers are usually volunteers and don’t know what to do and, frequently, make a mess of things. Clearly, knowing about the Act and what to do about privacy issues should save amount of time, anguish and stress. So what is “personal information” under the Privacy Act? Anything about an identifiable, living human being is personal information, and it doesn’t have to be in any way sensitive or “private.”  For societies and charities personal information may include information about members and former members (name, home, postal and email addresses and phone numbers, offices held, awards, skills, references, and photographs), but...