The notion of privacy takes on a completely different meaning when viewed from the perspective of an IT professional, an organisation using technology to support strategic directions or a member of the public. This paper looks past the technical issues involved in data protection and examines some of the business, social and regulatory aspects that have become important to those involved in the management, storage and dissemination of electronic information. The paper documents some of the legislative developments in privacy and data protection and examines what these developments mean for IT professionals for whom the link between data captured, stored and processed into information and the resulting effect on privacy is important. The Commonwealth Privacy Act 1988 based on work done by the Council of Europe, the OECD and the European Union provides some general guidelines but only for the public sector. However, new legislation imminent. Thus, IT professionals need to be aware of the changing situation and examine their organisation’s current practices to ensure compliance with future laws.