Compliance Assessment

Privacy Compliance Check for Australian Businesses

A structured privacy compliance check tells you exactly where your business stands against the Privacy Act 1988 (Cth) and the 13 Australian Privacy Principles. Stop guessing — know your gaps and address them with expert support.

Many Australian SMBs have undetected compliance gaps

Common issues include outdated privacy policies, undocumented third-party sharing, missing collection notices, and no breach response procedure. A compliance check finds them before the OAIC does.

Privacy compliance check: what to review

A thorough privacy compliance check covers six core areas. Use this as a starting framework — a Privacy Advisor can assess your specific practices in depth.

Privacy Policy & Transparency
  - Privacy policy is current and publicly accessible
  - Policy references the Australian Privacy Principles
  - Policy describes how individuals can lodge complaints

Collection & Notification
  - Collection notices are provided at the point of collection
  - Only reasonably necessary information is collected
  - Sensitive information is collected only with consent

Use & Disclosure
  - Personal information is used only for its primary purpose
  - Third-party sharing is documented and disclosed
  - Cross-border transfers are assessed under APP 8

Security
  - Technical and organisational security measures are in place
  - Access controls limit who can view personal data
  - A data retention and destruction schedule exists

Individual Rights
  - A process exists for individuals to access their information
  - A process exists for individuals to request corrections
  - Complaints procedure is documented and followed

Breach Response
  - Breach response procedure is documented
  - Staff understand NDB notification obligations
  - The 30-day OAIC notification timeline is tracked

APP gap assessment: the core of your compliance check

The APP Gap Assessment is the central tool in a privacy compliance check. It maps your current practices against each of the 13 Australian Privacy Principles and assigns a status: evidenced, partial, or missing.

Sample APP Gap Assessment result

  APP 1   Open & transparent management      ✓ Evidenced
  APP 5   Notification of collection          ⚠ Partial
  APP 8   Cross-border disclosure             ✗ Missing
  APP 11  Security safeguards                 ⚠ Partial
  APP 12  Access to personal information      ✗ Missing
Privacy Act Shield assesses all 13 APPs. A Privacy Advisor reviews and confirms each status.

Getting a managed privacy compliance check

A managed compliance check goes beyond a self-assessment checklist. Privacy Act Shield combines structured software tooling with Privacy Advisor oversight to produce defensible, OAIC-aligned evidence.

Faster than DIY

AI pre-fills your APP gap assessment from your data inventory. Advisors review, not re-do.

OAIC-aligned language

Every finding references actual OAIC guidance — not generic checklists.

Defensible evidence

Human sign-offs and audit trails that hold up under investigation.

Ongoing support

Compliance check is a starting point, not a one-off — advisors help you remediate gaps.

Frequently asked questions

What is a privacy compliance check?

A privacy compliance check is a structured review of your business practices against the Privacy Act 1988 obligations, particularly the 13 APPs. It identifies what is evidenced, what is partial, and what is missing.

How often should I run a privacy compliance check?

At least annually, and whenever you introduce new systems, data types, or third-party integrations. A Privacy Impact Assessment (PIA) should precede any major new data initiative.

Can I do a privacy compliance check myself?

A self-assessment is a useful starting point, but the 13 APPs have nuances that are easy to misapply without experience. A Privacy Advisor review ensures your check produces evidence that would satisfy the OAIC.

What happens after a compliance check identifies gaps?

Each gap becomes a remediation action with a recommended approach. Privacy Act Shield tracks these through to resolution and updates your evidence vault as gaps are closed.

Ready to check your privacy compliance?

Talk to a Privacy Advisor and get a structured compliance check tailored to your business.


Privacy Act Shield prepares structured compliance evidence aligned to the APPs. It is not legal advice.