Hiring a VA is so hot right now, but don’t get caught out with your legal obligations.

O*NO! You have hired a Virtual Assistant, or are about to hire a VA, but don’t know what you need to look at in your contract. Are you protected? What are your risk areas?

There are so many things to think about in your VA contract, and we will let you know what these are over the coming months, but right now, the big bad thing that can be lurking in the background is in relation to privacy.

What you need to know about Privacy when hiring a Virtual Assistant.

When you hire a Virtual Assistant, if they will touch any personal information then you are essentially outsourcing the handling of your clients’ Personal Information. So, who is responsible for how they handle it?

You will be legally liable if your VA breaches the Australian Privacy Laws. In some instances, you can partially transfer liability to your VA – but this gets tricky if your VA is overseas.

Not only will you be legally liable, but any breach will make you look bad and have an impact on your reputation and brand.

Who is responsible for Privacy overseas?

It will be important to consider whether your VA is accountable under the Australian Privacy Principles.

Generally, if your VA is operating a small business in Australia then they won’t be caught by the Privacy Act in their own right. That’s why it is so important to make sure they agree to comply with the APPs as their breach will be your breach.

If your VA is not based in Australia and are a large provider, then they could be caught by the Privacy Act as they collect Personal Information from Australia and do business in Australia. If this is the case then your clients’ data will have the protection of Australian Privacy Laws. Whilst they will have this protection at law, some providers are not fully across their obligations and it will fall to you to ensure they comply, so education here is key.

It is still your responsibility to ensure your VA complies with the APPs. You can do this through an enforceable contract with your Virtual Assistant which requires them to comply.

Before handing over any of your clients’ Personal Information to your Australian or overseas VA, you need their consent to do so. You do this in your privacy policy. If you don’t have a privacy policy that allows you do this, you will need to get permission from each client individually, which could be a huge task depending the size of your database! That’s why it is so important to state in your privacy policy that you will disclose their information to your contractors and others that help you run your business and that the disclosure could be to an overseas recipient.

Write data protection into your VA contract

In order to avoid problems with Privacy, your contract with your Virtual Assistant should:

• be governed by Australian law

• set out your VA’s compliance with your Privacy Policy & the APPs

• maintain your inspection and audit rights so you can make sure they are doing the right thing

• include a clause that states they will notify you immediately if there has been a suspected data breach

• say who owns the Personal Information

• outline the VA’s procedures for retention & disposal of data during and after the engagement

• clearly set out the responsibilities of each party so everyone understands how to handle data.

Key Takeaways

• Audit your VA’s Privacy Policy.  Does it comply with Australian Privacy Laws?

• Under your contract, get your VA to comply with your Privacy Policy and Australian Privacy Laws.

• Include further clauses in your contract about how your VA will protect the Personal Information you disclose.

• Notify your clients when you are collecting their Personal Information how you will use it and how it will be kept.  

• Get proper consent by fully informing your clients of the implications of overseas disclosure.

Remember - the handling of your clients’ Personal Information is your responsibility and even the best contract clauses cannot fully get you out of this liability – but a good contract and privacy policy can help!

What’s next?

Maybe you’ve already hired a Virtual Assistant, or you’re thinking about bring one on! Book a FREE 10 min call with our team of legal experts to get started on sorting out your VA agreements and privacy obligations.

Don’t have a privacy policy or your ‘must haves’ sorted yet, then head over to our online store to check out our value packed Guided DIY options – legals don’t need to be expensive!

Boring legal stuff: This article is general information only and cannot be regarded as legal, financial or accounting advice as it does not take into account your personal circumstances. For tailored advice, please contact us.