BACKGROUND: There are escalating requirements for general practitioners to comply with recognised privacy principles. With amendments to the Commonwealth Privacy Act (1988) imminent, there is an urgent need to formulate methods for applying these principles to general practice.

OBJECTIVE: The article provides an explanation of the origins of the privacy principles and a simple self audit which general practitioners can use to assess the extent to which their usual practices conform with them.

DISCUSSION: A careful review of the principles indicates that new measures will be needed before most general practices will be able to approach required standards of conduct. Practical strategies for achieving best practice are discussed and challenges confronting general practices in applying the principles are canvassed. Ethics committees should be used more often to provide independent review of practice policies and proposals to use patient information in new ways. General practitioners can expect increasing scrutiny and debate concerning confidentiality. In order to maintain patient trust in GPs as responsible data custodians, the privacy principles can be seen as a quality improvement tool.