CONTACT US: 
Site Changes
- Note 1: Major changes to the Privacy Act 1988 will come into effect in March 2014. Agencies, businesses and not for profits need to start preparing for these changes. For more information go to our privacy law reform page at www.oaic.gov.au
- Note 2: From 12 March 2013 content is no longer being added to, or amended, on this site, consequently some information may be out of date. For new privacy content visit the www.oaic.gov.au website.
Types
Documents under "Information Sheets", sorted by "date".
About the Office
Information Sheet (About the Office): Conciliation of Privacy Complaints
pdf (75.89 KB)
The information below explains the conciliation process so that you know what to expect when participating in conciliation as part of the Office of the Privacy Commissioners complaint handling process. When the Office of the Privacy Commissioner (the Office) receives a complaint it decides how it will be handled. The best way to...
Private Sector
Information Sheet (Private Sector) 30 - 2010: ID scanning in clubs and pubs
pdf (739.63 KB)
This information sheet is for private sector hospitality organisations like clubs and pubs that are covered by the Privacy Act. It provides compliance tips and examples for when they copy, scan or otherwise collect personal information about their patrons.
Information Sheet (Private Sector) 29 - 2009: Use or disclosure of genetic information in the private health sector
pdf (285.9 KB)
This information sheet is for health service providers in the private health sector. It relates to privacy and the use or disclosure of genetic information to lessen or prevent a serious threat to life, health or safety of a patient’s genetic relatives.
Information Sheet (Private Sector) 28 - 2009: NPP 3 Data Quality
pdf (264.67 KB)
Key Messages This information sheet will assist private sector organisations covered by the Privacy Act 1988 (Cth) (Privacy Act) to comply with their obligations under National Privacy Principle 3 (NPP 3). NPP 3 requires organisations to take reasonable steps to make sure the personal information they collect, use or disclose is accura...
Information Sheet (Private Sector) 26 - 2008: Interaction between the Privacy Act and the Spam Act
pdf (350.57 KB)
Key Messages Introduction The Spam Act prohibits sending unsolicited commercial electronic messages (spam). The Acts coverage includes emails, instant messaging, SMS and MMS (text and image-based mobile phone messaging) of a commercial nature. The Spam Act applies to any commercial electronic message with an Aust...
Information Sheet (Private Sector) 25 - 2008: Sharing health information to provide a health service
pdf (305.4 KB)
Key Messages Privacy and caring for your patient The federal Privacy Act is consistent with good treatment practices and promotes appropriate information flows within the health sector, by building on existing relationships of trust between health professionals and patients. What does the Privacy Act say about how patients information sho...
Information Sheet (Private Sector) 24 - 2008: Disclosure of health information and impaired capacity
pdf (135.1 KB)
Key Messages The Privacy Act and Impaired Capacity There will often be times where a patient is unable to give consent to the disclosure of their health information to loved ones. Under the federal Privacy Act, doctors and other health service providers may share the information of an incapacitated patient with family, a partner or...
Information Sheet (Private Sector) 23 - 2008: Use and disclosure of health information for management, funding and monitoring of a health service
pdf (132.56 KB)
Key Messages Privacy and the handling of health information The federal Privacy Act is consistent with good treatment practices and permits appropriate information flows within the private health care sector, including for the management, funding and monitoring of a health service. It achieves this by building on existing relationships of t...
Information Sheet (Private Sector) 22 - 2008: Fees for access to health information under the Privacy Act
pdf (125.82 KB)
Key Messages The Privacy Act and charging fees for access The federal Privacy Actrequires health service providers in the private sector to give a patient access to their health information if requested, unless a listed exception applies. Under the Privacy Act: providers are not required to charge a fee for giving access;...
Information Sheet (Private Sector) 21 - 2008: Denial of access to health information due to a serious threat to life or health
pdf (126.24 KB)
Key Messages The Privacy Act and access to health information The federal Privacy Act requires health service providers in the private sector to give a patient access to their health information if the individual requests it. However, access may be denied to the individual if an exception listed in the Privacy Act applies....
Information Sheet (Private Sector) 20 - 2007: Scanning 'Proof of Identity' Documents
pdf (89.47 KB)
Key Messages Good privacy practices are good for business. The Office of the Privacy Commissioner (the Office) is aware that with the adoption of new technologies by many businesses, the practice of scanning proof of identity documents is becoming more common. This practice can, however, create significant privacy risks and could undermi...
Information Sheet (Private Sector) 19 - 2007: The Prescription Shopping Information Service (PSIS) and The Privacy Act
pdf (68.64 KB)
Key Message In order to comply with Privacy Act obligations, the Office of the Privacy Commissioner advises practitioners that it is generally good privacy practice to seek the patients consent before collecting health information from the Prescription Shopping Information Service (PSIS). However, the Privacy Act also permits...
Information Sheet (Private Sector) 18 - 2003: Taking reasonable steps to make individuals aware that personal information about them is being collected
pdf (176.29 KB)
Background National Privacy Principles (NPPs) 1.3 and 1.5 of the Privacy Act 1988 (Cth) (the Privacy Act) aim to make sure that individuals know who collects personal information about them, the purpose of collection and what happens to the information after it is collected. This helps give individuals some control over informa...
Information Sheet (Private Sector) 17 - 2003: Privacy and Personal Information that is Publicly Available
pdf (105.93 KB)
Introduction In carrying on their activities many organisations collect personal information from a range of public sources. These include books, newspapers, magazines, websites, television, radio, telephone directories (hard copy and electronic), share registers, the register of births, deaths and marriages, ASIC company regis...
Information Sheet (Private Sector) 16 - 2002: Application of Key NPPs to Due Diligence and Completion when Buying and Selling a Business
pdf (125.27 KB)
Background This Information Sheet is designed to help organisations involved in the sale and purchase of a business to comply with their obligations under the Privacy Act 1988 (Cth) (the Privacy Act). The Information Sheet was developed in collaboration with the Law Council of Australia. Sales of businesses are generally struct...
Information Sheet (Private Sector) 15 - 2002: National Privacy Principle 7 - Identifiers in the Health Sector
pdf (97.06 KB)
This Information Sheet has been developed in response to a number of enquiries in relation to the adoption, use and disclosure of Commonwealth identifiers (including the Medicare number) in the health sector. These enquiries have arisen with the commencement of the Commonwealth-s new privacy law. This law came into effect on 21 De...
Information Sheet (Private Sector) 14 - 2001: Privacy Obligations for Commonwealth Contracts
pdf (127.38 KB)
Background Commonwealth Government agencies (agencies) are required to comply with the Information Privacy Principles (IPPs) in the Privacy Act 1988 (Cth) (the Privacy Act) when handling personal information. At times agencies contract out (outsource) a function that requires a contractor to collect and handle personal informat...
Information Sheet (Private Sector) 13 - 2001: The Federal Privacy Commissioner's Approach to Promoting Compliance with the Privacy Act
pdf (68.49 KB)
Ensuring that organisations comply with their obligations under the Privacy Act is one of the Offices most important functions. Good advice and good rules only make a real difference if they are put into practice. This information sheet sets out the approach the Office intends to take to promoting compliance with the requirements...
Information Sheet (Private Sector) 12 - 2001 Coverage of and Exemptions from the Private Sector Provisions
pdf (91.18 KB)
**NOTE: updated with minor amendments 27 November 2007. This information sheet aims to help organisations work out if the private sector provisions in the Privacy Act 1988 (Cth) (the Privacy Act) apply to them. It lists the type of entities that the Privacy Act will apply to and those that will be exempt from its covera...
Information Sheet (Private Sector) 11 - 2001: Privacy Codes
New private sector provisions in the Privacy Act 1988 (Cth) (the Privacy Act) regulate the way the private sector organisations collect, use, keep secure and disclose personal information. The private sector provisions aim to give people greater control over the way information about them is handled in the private sector by requiring organisation...
Information Sheet (Private Sector) 10 - 2001 Application to the Privacy Act to Information Already Held
pdf (61.28 KB)
When the new private sector amendments to the Privacy Act 1988 (Cth) (the Privacy Act) come into force on 21 December 2001, not all the National Privacy Principles (NPPs) will apply to information that private sector organisations have already collected. Section 16C of the Privacy Act sets out which NPPs will apply regardless of w...
Information Sheet (Private Sector) 9 - 2001: Handling Health Information for Research and Management
pdf (117.47 KB)
Under the National Privacy Principles (NPPs) sensitive information cannot usually be collected without the persons consent (NPP 10). Health information is one type of sensitive information (as defined in section 6 of the Privacy Act, 1988 (Cth) (the Privacy Act)). However NPP 10.3 permits organisations to collect health informatio...
Information Sheet (Private Sector) 8 - 2001: Contractors
pdf (72.72 KB)
This information sheet aims to help organisations that enter into contracts with other parties to comply with their obligations under the National Privacy Principles (NPPs) in the Privacy Act 1988 (Cth) (the Privacy Act). In particular, it is relevant to an organisation that enters into a contract with another party (the contracto...
Information Sheet (Private Sector) 7 - 2001: Unlawful Activity and Law Enforcement
pdf (104.13 KB)
The Privacy Act 1988 (Cth) (the Privacy Act) seeks to balance the privacy of individuals with the public interest in law enforcement and the regulatory objectives of government. In the course of carrying out their activities and functions, enforcement bodies, government agencies and regulatory authorities collect personal informat...
Information Sheet (Private Sector) 6 - 2001: Security and Personal Information
pdf (77.27 KB)
National Privacy Principle (NPP) 4.1 provides that an organisation must take reasonable steps to protect the personal information it holds from misuse and loss and from unauthorised access, modification or disclosure. Data security is an important way of ensuring that personal information is only used for permissible purposes. In...
Information Sheet (Private Sector) 5 - 2001: Access and the Use of Intermediaries
pdf (62.29 KB)
The following information is provided to assist organisations when they are considering ways to comply with National Privacy Principle 6.3 (NPP 6.3). This principle allows an individual to be given access to information through an intermediary. Role of an intermediary NPP 6.3 requires that an organisation must consider using an...
Information Sheet (Private Sector) 4 - 2001: Access and Correction
pdf (316.93 KB)
Key Messages National Privacy Principle (NPP) 6 in the Privacy Act 1988 (Privacy Act) provides individuals with a right of access to information held about them by an organisation. How organisations give access will depend on the circumstances. In some cases organisations may wish to provide a photocopy or print out of the information...
Information Sheet (Private Sector) 3 - 2001: Openness
pdf (65.42 KB)
National Privacy Principle 5 (NPP 5) requires organisations to be open about their handling of personal information in two ways. This information sheet expands on the Privacy Commissioners Guidelines to the National Privacy Principles. Ways an organisation could give NPP 5.1 information There are a number of ways an organisati...
Information Sheet (Private Sector) 2 - 2001: Preparing for 21 December 2001
pdf (67.19 KB)
New privacy provisions New private sector provisions in the Privacy Act 1988 (Cth) (the Privacy Act) regulating the way many private sector organisations collect, use, keep secure and disclose personal information come into effect on 21 December 2001. Organisations may choose to be bound by a privacy code approved by the Privac...
Information Sheet (Private Sector) 1A: National Privacy Principles
pdf (84.89 KB)
Principle 1 - Collection Principle 2 - Use and disclosure Principle 3 - Data quality Principle 4 - Data security Principle 5 - Openness Principle 6 - Access and correction Principle 7 - Identifiers Principle 8 - Anonymity Principle 9 - Transborder data flows Principle 10 - Sensitive information...
Information Sheet (Private Sector) 1 - 2001: Overview of the Private Sector Provisions
pdf (63.8 KB)
**NOTE: updated with minor amendments 27 November 2007. New private sector provisions in the Privacy Act 1988 (Cth) (the Privacy Act) regulate the way many private sector organisations collect, use, keep secure and disclose personal information. For the first time, they give individuals the right to know what information an...
Public Sector
Information Sheet (Public Sector) 3 - Portable storage devices and personal information handling
pdf (378.01 KB)
This information sheet suggests a number of steps Australian and ACT Government agencies should consider taking to help safeguard personal information stored or handled on portable storage devices. What is a portable storage device? A portable storage device (PSD) is defined in this information sheet as a small, lightweight, portabl...
Information Sheet (Public Sector) 2 - A step-by-step guide to internal investigations of privacy complaints by Australian and ACT government agencies
pdf (338.15 KB)
This information sheet assists Australian and ACT government agencies covered by the Privacy Act 1988 (Cth) (the Act) to address a privacy complaint by an individual. Are you covered under the Act? The Act requires that most Australian Government agencies comply with the Information Privacy Principles (IPPs)....
Information Sheet (Public Sector) 1 - Information Privacy Principles under the Privacy Act 1988
pdf (65.42 KB)
Principle 1 - Manner and purpose of collection of personal information Principle 2 - Solicitation of personal information from individual concerned Principle 3 - Solicitation of personal information generally Principle 4 - Storage and security of personal information Principle 5 - Info...
Public and Private Sectors
Information Sheet (Public and Private Sectors) 1 - Emergencies and disasters
pdf (588.89 KB)
This Information Sheet discusses how Part VIA of the Privacy Act 1988 applies to the handling of personal information in declared emergencies or disasters.
Get RSS feeds