Login
Sign up
Logout
Login
Login
Member Login
Portal Login
t

Home

Insight

Services

Knowledge Base

Contact
  • Hints and Tips, Knowledge Base

Personal information consent form

  • Published 16 July 2019
  • Updated 10 March 2022
A group of business people

Privacy laws have become quite onerous, especially where personal information is stored on computers or passed on to others for legal or industry compliance purposes.

Did you know that company-issued information such as an employee’s email address, employee ID, company phone numbers etc is considered to be personal information!

To achieve industry compliance you may also have been sharing professional licenses of your staff with your customers. As a result, you may have been passing on personal information such as name, date of birth, address, photo etc. If so, it is quite possible that your organisation could be breaching some privacy laws – by providing personal information of your staff to third parties without their express written consent.

The fact that the information must be passed on to your customer to make your organisation compliant with industry regulations may not be seen as an excuse for breaching privacy laws. We have to be compliant with both.

To ensure your organisation is compliant, we suggest you obtain written consent from your staff that allows you to store their personal information, internally or externally, for as long as your organisation or customers reasonably require and allows you to provide their company-related personal information to customers and regulators where your organisation is required to do so.

We developed an example form for Australian legislation so if you come under other legislation, please amend the form. Also, please be aware that we take no responsibility for how you use the attached consent form or whether it satisfies satisfy your organisation’s legal obligations. We, therefore, recommend that you seek your own legal advice around privacy law compliance.

And finally – even if you store staff personal information on paper, your own databases, or external databases like Strytex, we strongly recommend that your organisation obtain a signed statement of consent from every relevant staff member whose company-related personal information is going to be provided to third parties. And where better to store your signed consent forms than your Strytex Member Site.

We hope this helps. Happy complying!

  • Copyright © Strytex Pty Ltd 2023

Nigel Dalton-Brown, GAICD, AMIIA, MBA

Managing Director, Chair, Speaker, Lecturer, Author

Nigel is the Founder of Strytex and has been presenting and writing on Goverence, Obligational Awarenss, Risk Management and Compliance administration (GORC) since 2010.

Leave a Comment

So what's next?

Take a look around and get in touch​.

Strytex will help your organisation get ready for ISO 37301 accreditation before your competitors so you can increase your market share, reduce your risk and make customers, shareholders and regulators happy.

Book An Appointment
Explore Our Insights​
Check The Knowledge Base​

Be Part Of The Discussion ​ And Join The Community!

Login/Sign up

Subscribe To Our Newsletter​

We turn your red tape into your competitive advantage
Melbourne, Australia

pages

Insights

The term ‘non-financial risk’ (NFR) should be banned

A global survey into Supplier Compliance Management – May 2010

© 2023 Strytex. All Rights Reserved