How can organizations ensure compliance with APP 11 (security of personal information) in e-signature systems?

APP 11 requires reasonable steps to protect personal information from misuse, interference, loss, unauthorized access, modification, or disclosure. In e-signature processes, this involves selecting systems with robust encryption for data in transit and at rest, implementing access controls like multi-factor authentication, conducting regular security audits, and retaining data only as long as necessary. Organizations should also develop incident response plans for data breaches and notify affected individuals as required.

What steps should be taken to obtain valid consent under APP 3 for personal information in e-signatures?

Under APP 3, personal information must be collected only if it is reasonably necessary and with consent where practicable. For e-signatures, this means clearly informing users about the data being collected (e.g., identity verification details), the purpose (e.g., document authentication), and how it will be used or stored. Consent should be voluntary, informed, and specific—obtained via opt-in mechanisms rather than pre-ticked boxes. Privacy policies should be easily accessible during the signing process to support transparency.

How to comply with Australian Privacy Principles (APP) when using e-signatures?

Shunfang

2026-02-27

3min

FAQs

The Australian Privacy Principles (APP) under the Privacy Act 1988 outline requirements for handling personal information. For e-signature workflows, APP 1 (open and transparent management), APP 3 (collection of solicited personal information), APP 6 (use or disclosure), APP 11 (security of personal information), and APP 12 (access and correction) are particularly relevant. Organizations must ensure that personal data collected during e-signing, such as names, emails, and signatures, is handled transparently, collected lawfully with consent, used only for the intended purpose, securely stored, and accessible for correction upon request.

Shunfang

Head of Product Management at eSignGlobal, a seasoned leader with extensive international experience in the e-signature industry. Follow me on LinkedIn

Get legally-binding eSignatures now!

30 days free fully feature trial

Business Email

Get Started

Only business email allowed