(AS)-4590 Interchange of Client Information.
Abstract
Specifies how to identify client
information for the purpose of data interchange between organizations.
Identification of clients by person and organization include details of person,
organization, telephone and address.
Scope
This Standard sets out requirements for the following data items for the
interchange of client information:
(a) Identification number - Australian Company Number (ACN), Australian
Registered Body Number (ARBN), Customer Reference Number (CRN) and the like.
(b) Name of client, i.e. -
(i) Person - title/suffix/family/given including alias, preferred, maiden,
legal, professional/stage; and
(ii)Organization - company, partnership, trading.
(c) Date of birth.
(d) Sex.
(e) Marital status (partner relationship).
(f) Occupation.
(g) Country of birth.
(h) Country of citizenship.
(i) Industry.
(j) Organization type - business, non-profit bodies.
(k) Telephone number details, facsimile, electronic
addresses.
(l) Address details - physical and postal.
This Standard focuses on the interchange of client
information and does not comprehensively cover the interchange of international
client information. It does not set any mandatory/optional fields - this
requirement is to be established during the information interchange process.
This Standard does not address data interchange syntax.
Electronic mail and world wide web addresses have not been included.*
Application
Users of this Standard should refer to relevant privacy guidelines and
legislation so as not to breach personal privacy in their collection, use,
storage and disclosure of client information. Users should refer to AS 4400 and
to the following for more information:
(a) Privacy Act 1988 (Commonwealth).
(b) Federal Privacy Handbook.
(c) Plain English Guidelines to Information Privacy Principles 1-3 Privacy
Commissioner (see Appendix A).
(d) OECD Guidelines for the security of information systems (see Appendix B).
(e) State and Commonwealth legislation and regulations, as applicable.
The privacy and security principles and practice in this Standard shall be
inoperative when they are in conflict with relevant legislation or other
legally binding conditions.
Record keepers may find that certain principles which would normally apply to
their data stores need not apply because of the existence of relevant statute
or common law. For example, the legislation which governs a party may
intentionally provide it with powers to use personal information in a
controlled environment in contravention of sections of this Standard.