The Act will be based on the best parts of the US and UK laws coupled with industry codes of conduct such as those used in New Zealand, according to Nicholson.
The reforms will likely give the Privacy Commissioner new powers to amend legislation to facilitate emerging technologies including biometrics, data warehousing of customer information and high profile breaches of sensitive data.
Andrew Hayne deputy director of policy for the Office of the Privacy Commissioner said the codes are designed to add specificity to the current Act which has been attacked for its weak non-specific structure.
"The requirement [for notification of privacy breaches] should not be an unreasonable burden on business and it should not result in alarmous [sic] notification," Hayne said.
The reforms will merge Australia's dualist IPP and NPP privacy laws, which mandate similar policies for federal and state organizations, into a single Act to reduce complexity.