Author Archives: Matthew Cartwright

About Matthew Cartwright

Matthew first joined CRH Law as a law clerk in 2014, providing legal, administrative and research assistance to the firm while completing his legal studies. During his time as a law clerk, Matthew has gained experience in the areas of law practised at CRH Law, and has had many opportunities to provide assistance to the clients of the firm.

New penalty regime under the Privacy Act

The Commonwealth Government has announced plans to introduce a new penalty regime for the misuse of personal information under the Privacy Act (“the Act”).

The aim of the new regime is to increase the protection of data and personal information online by increasing the penalties for breaching the Act, and by expanding the powers of the Office of the Australian Information Commissioner (“OIAC”).

While the new penalties are primarily targeted towards social media and technology platforms that capture, analyse and share personal information of users, the amendments will have consequences for all entities to which the Privacy Act and Australian Privacy Principles apply.

The amendments will introduce the following changes to the Act:

1. Increased penalties for all entities covered by the Act.

The current maximum penalty for serious or repeat breaches of the Act will be increased from $2.1 million to $10 million or three times the value of any benefit obtained through the misuse of personal information or 10 per cent of a company’s annual domestic turnover – whichever is greater.

2. Expanded powers for the OIAC

The OIAC will be provided with new powers to issue infringement notices to entities that have breached the Act. These powers will be supported by new penalties for failure to cooperate with efforts to resolve minor breaches of up to $63,000 for corporate entities and $12,600 for individuals.

3. Specific rules to protect children and vulnerable groups

The amendments will introduce specific rules to protect the personal information of children and other vulnerable groups.

There is currently only general information available about the content of the amendments, with legislation to be drafted and made available for consultation in the second half of 2019.

CRH Law will continue to monitor the progress of the changes to the Privacy Act. In the meantime, the original media release is available on the Government’s website or via this link.

A new category of deductible gift recipient

The Federal Budget has revealed that the Commonwealth Government will soon establish a new general category of deductible gift recipient (DGR) to enable men’s and women’s sheds to access DGR status from 1 July 2020.

This will mean that taxpayers will soon be able to claim an income tax deduction for donations of $2 or more to a men’s or women’s shed that has been endorsed as a DGR.

Although it is common for men’s and women’s sheds to be registered charities under the subtypes of ‘advancing health’ or ‘advancing social or public welfare’, many are denied DGR status on the basis that they cannot be properly classified as a health promotion charity or public benevolent institution.

In turn, this has precluded many men’s and women’s sheds from accessing a range of funding opportunities , with many grants being reserved for organisations with DGR status.

The establishment of this category of DGR is intended to acknowledge the beneficial role men’s and women’s sheds can play in the mental health and social inclusion of their members.

Australia’s aged care workforce strategy

The Aged Care Workforce Taskforce (“the Taskforce”) recently published a report detailing its strategy to address challenges facing the aged care industry workforce, titled A Matter of Care – Australia’s aged care workforce strategy.

As identified in the foreword to the report, the Taskforce’s brief was to develop an industry-drive workforce strategy to grow and sustain the workforce to ensure it can provide aged care services that can meet the care needs of our elderly now and into the future, irrespective of setting.

The report outlines 14 strategic actions to support Australia’s aged care workforce:

  1. Creation of a social change campaign to reframe caring and promote the aged care workforce;
  2. Voluntary industry code of practice;
  3. Reframing the qualification and skill framework and addressing current and future competencies and skills requirements;
  4. Defining new career pathways, including how the workforce is accredited;
  5. Developing cultures of feedback and continuous improvement;
  6. Establishing a new standard approach to workforce planning, including skills mix modelling;
  7. Implementing new attraction and retention strategies for the workforce;
  8. Developing a revised workforce relations framework to better reflect the changing nature of work;
  9. Strengthening the interface between aged care and primary/acute care;
  10. Improving training and recruitment practices for the Australian Government aged care workforce;
  11. Establishing an accord for remote and very remote areas;
  12. Establishing an Aged Care Centre for Growth and Translational Research;
  13. Current and future funding considerations, including staff remuneration; and
  14. Transitioning the existing workforce to new standards.

The Taskforce aims to implement its workforce strategy over the next one to three years. It is unclear what impact the announcement of the Royal Commission will have on the work of the Taskforce.  The full report is available online on the Department of Health’s website or via this link.

Review of the Charter of Residents’ Rights and Responsibilities

The Department of Health has released a consultation paper on the development of a single Charter of Aged Care Rights to replace the existing charters set out in the User Rights Principles 2014.

The User Rights Principles 2014 currently contain four charters relating to the rights and responsibilities of aged care recipients for:

  1. Residential care;
  1. Home care;
  1. Short term restorative care (residential care setting); and
  1. Short term restorative care (home care setting).

The proposed Charter of Aged Care Rights will replace the existing charters and will apply uniformly to all aged care recipients. The consultation paper sets out a number of reasons to support the adoption of a single Charter of Aged Care Rights, including:

  1. There is considerable duplication between the existing charters;
  1. There are also differences between the charters and this raises the question as to why some consumers are not afforded the same rights as others;
  1. A single charter across aged care will make rights clearer for consumers; and
  1. A single charter will reduce regulatory compliance for providers who deliver multiple types of care.

This is another step in the consumer directed care journey with the focus squarely on the consumer’s rights. Whilst the simplification is welcome, the new proposed charter deletes the previous specific reference in the charter to a consumer’s responsibilities. This lack of recognition of any consumer responsibilities is disturbing. The consultation paper acknowledges that consumers and consumer groups agreed that “an individual’s rights need to be balanced with the rights of others” but suggests that this need has been addressed in the preamble to the single charter which contains an acknowledgement that “others involved in their aged care service” have the same rights.

There is no evidence that the inclusion of the responsibilities in the existing charters has had a negative impact on consumers. Many would argue that they were largely ignored but at least they existed and provided some recognition that those who care have the right to a safe work place.

This is perhaps an example of how the pendulum can swing in favour of consumers when regulators are faced with the fallout from almost continual negative media attention.

The Department of Health is now accepting public consultation on the draft Charter of Aged Care Rights, with responses due by 10 October 2018. Copies of the consultation paper and draft Charter of Aged Care Rights are available online via this link.

External conduct standards for charities

The Treasury has released a draft of the Australian Charities and Not-for-profits Commission Amendment Regulations (No. 2) 2018, which outlines proposed external conduct standards that charities registered with the ACNC must comply with when operating outside Australia.

The proposed regulations will impose four standards upon registered charities which operate outside Australia, or work with third-parties that operate outside Australia. By way of summary, the standards address the following matters:

  1. The activities and control of resources by registered charities (including funds);
  1. The annual review of overseas activities and record keeping obligations;
  1. Anti-fraud and anti-corruption obligations; and
  1. Ensuring the protection of vulnerable individuals by registered charities.

The purpose of the external conduct standards, as described in the explanatory notes, is to promote transparency and greater public confidence in the not-for-profit sector that funds sent and services provided overseas by registered charities are reaching legitimate beneficiaries and being used for legitimate purposes.

The external conduct standards will apply to registered charities that operate outside Australia or formally or informally collaborate with third-parties that operate outside Australia. Importantly, the external conduct standards will not apply to registered charities which carry out activities outside Australia that are merely incidental to the operation and pursuit of the charity’s purposes in Australia.

The Treasury is currently seeking submissions of the draft regulations and explanatory material, with consultation open until 21 September 2018. The draft regulations are accessible online on the Treasury’s website or via this link.

Mandatory reporting of data breaches

A new scheme for the mandatory notification of data breaches is set to commence on 23 February 2018 (“the Notifiable Data Breach scheme”) which may affect a significant number of organisations in the not-for-profit sector.

Upon commencement, the Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth) will amend the Privacy Act 1988 (Cth) to introduce new obligations concerning the investigation and notification of data breaches.

The Notifiable Data Breach scheme will apply to all entities that are subject to the Privacy Act 1988 (Cth) and the Australian Privacy Principles (“APP entities”), including businesses and not-for-profit organisations with an annual turnover of $3 million or more.

What is a data breach?

An ‘eligible data breach’ will occur if there is unauthorised access to, unauthorised disclosure of, or loss of personal information, which a reasonable person would conclude is likely to result in serious harm to the individual to whom the information relates.

Suspected data breach

If an APP entity has reasonable grounds to suspect that an eligible data breach may have occurred, it must investigate the circumstances and assess whether a breach occurred within 30 days.

Eligible data breach

If an APP entity has reasonable grounds to believe an eligible data breach has occurred, the APP entity must notify the Office of the Australian Information Commissioner and, if practical, take reasonable steps to notify the affected individuals.

The notification must include certain prescribed information (for example, it must contain recommendations as to the steps that affected individuals should take in response to the breach).

If an APP entity fails to comply with the new data breach requirements, it will have committed an interference with the privacy of an individual and penalties may apply under the Privacy Act 1988 (Cth).

Remedial action

Importantly, an APP entity will not be required to report a data breach if it takes remedial action in response to the breach, from which a reasonable person would conclude that the data breach would be unlikely to result in serious harm to the affected individuals.

Where to from here?

APP entities should familiarise themselves with the new data breach requirements and review their internal policies and procedures to ensure breaches are handled appropriately.

For further information about the new Notifiable Data Breach scheme, please do not hesitate to contact us.

Unregistered Trademarks & Prior Use

According to the World Intellectual Property Organisation (WIPO), “Intellectual capital is recognized as the most important asset of many of the world’s largest and most powerful companies; it is the foundation for the market dominance and continuing profitability of leading corporations.”

Not for profit organisations that deliver services in increasingly competitive environments also understand the value of their intellectual property and the need to protect it. One of the fundamental mechanisms for doing so is registration of trademarks. However, it is rarely a straightforward process.

A common problem that arises when applying to register a trademark is that the proposed trademark is not sufficiently unique to distinguish the applicant’s goods or services from those of other traders and service providers.

This can occur where the trademark uses common or generic words and/or names. The difficulty with the registration of this type of trademark is that it would allow one business to prevent others from using common words or phrases in promoting their goods or services.  However, even trademarks that use common words can be distinct and valuable.

By way of example, a care provider has created a model for delivering home care which it calls the ‘CareWell Program’. The organisation has spent a long time developing its care model, and has now been delivering it for over five years. Given the success of its care model, the organisation has decided it is time to apply for a trademark for the “CareWell Program” name.

Such a trademark is likely to be refused registration on the basis that it is not capable of distinguishing the organisation’s services from the services of other care providers. Other care providers should be allowed to use the words ‘care’ and ‘well’ which are common everyday words that would be used by a large number of providers in describing their care services.

This difficulty may, however, be overcome given the extensive prior use of the “CareWell Program” name over the past five years. The service provider should be able to submit evidence detailing its prior use of the name to establish that because of this use:

  1. consumers associate the name with its services; and
  2. the name can therefore be used to distinguish its services from those of other providers.

Regardless of whether the name used is clever, unique or special a name might be, it should be protected to the fullest extent possible.

For more information on trademark registration, please contact us.


Security Interests and the PPSR

A quick search of the Personal Properties Security Register (“PPSR”) is an efficient way for a purchaser to determine whether any charges or security interests have been registered against the property of another party, which might burden the purchaser’s title to the property it proposes to acquire. This is an important step which can help purchasers to decide, in light of any security interests, whether to proceed with a transaction.

Accordingly, it is important to ensure the PPSR accurately reflects any security interests granted over a party’s property, so that prospective purchasers can find out what they are buying into. It is the responsibility of the parties to ensure the PPSR is up-to-date; if a security interest has expired, or the transaction to which it related is no longer current, the parties should ensure the security interest is removed from the PPSR.

In our experience, parties are usually very proactive in ensuring the registration of security interests, but not always so proactive attending to removal once the security interest is no longer relevant. As a result, a security interest can lie dormant on the PPSR until a prospective purchaser rightfully starts asking questions.

For this reason, it is good practice to regularly review the security interests registered against your organisation and its property and, where necessary, arrange for the removal of any security interests which are no longer relevant. This can avoid issues down the line, and may ultimately help minimise costs and delay when selling or transferring property.

Protecting & Strengthening Intellectual Property

Where a business or not-for-profit organisation has invested time, effort and money into the creation of valuable intellectual property, it is important to ensure the final product is adequately protected.

The first step to protecting your valuable intellectual property is to identify what type of intellectual property rights you hold, and how these rights can be protected. This can be a complex process, which often involves interplay between the laws relating to copyright and trademarks.

For example, a service provider that has developed a particular care program such as a falls prevention program will generally own the copyright in any documents including forms, policies, procedures, training resources and diagrams which form part of the program materials.

However, copyright protection will only cover the way in which the program has been expressed in those materials. It will not protect the underlying idea, process or concept behind the program. The copyright holder can prevent others from copying or reproducing its program materials, but may not be able to prevent them from replicating the ideas or concepts so long as they use a different way of expressing or explaining those ideas and concepts.

It is therefore important to consider whether there are any other mechanisms for strengthening the protection of your intellectual property. In our experience, the often overlooked trademark can be particularly beneficial.

If the care program used in our example is successful, it is likely that consumers will have come to identify the care program by its name or branding. If that name or branding is registered as a trademark for the program, other care providers will not be able to use that name or branding in relation to their programs (regardless of how they are documented).

This can be particularly beneficial if the trademark has become synonymous with the care program, its quality or effectiveness and the care provider. Even if other providers replicate the underlying ideas, they will have to come up with a different name to use in marketing their program and will be forced to commit significant resources to make inroads into the market share held by the owner of the existing well respected brand.

For more information on protecting your intellectual property, please contact us.