Almost all industries in Australia have confidential information, whether it be employee information, business documents or tax records. Here we have broken down some of the basic time periods in which business documents must be kept before being destroyed or de-identified.
All businesses must comply with the Australian Privacy Principles (APPs) in the Privacy Act 1988 when collecting or retaining confidential information. The Privacy Act (1988) regulates how businesses collect, use, store and disclose personal information.
The table below indicates how long company documents have to be legally kept for, after this time period documents should be securely disposed of or de-identified. The most common way of destroying documents is by shredding, however in order to be compliant the document must not have identifiable features such as name, date of birth, profession and other personal information.
The table below is considered to be a general guideline of disposal periods and is not designed to constitute legal advice, any questions or further information should be directed to a legal expert such as a lawyer or government agency for clarification.