The Office of the Australian Information Commissioner creates guidelines that are not legislative instruments and that are therefore not legally binding. Under the Privacy Act 1988, the Australian Information Commissioner has the power to make advisory privacy guidelines.
As well as the guidelines published below the OAIC has also issued Australian Privacy Principles (APP) guidelines on a separate menu item.
The Office of the Australian Information Commissioner (OAIC) also publishes binding guidelines, which can be found on the Legally binding guidelines and rules page, and resources to assist agencies, businesses and individuals, which can be found in the Privacy resources section.
The Privacy Act gives the Information Commissioner the discretion to recognise external dispute resolution (EDR) schemes to handle privacy-related complaints. These guidelines outline the conditions that must be met by EDR schemes to be recognised under the Privacy Act.
Importantly, from 12 March 2014, under Part IIIA of the Privacy Act, a credit provider must be a member of an EDR scheme recognised under the Privacy Act to be able to participate in the credit reporting system.
Issued under section 35A of the Privacy Act 1988 on 27 September 2013
These guidelines assist in ensuring that data-matching programs between Australian Government agencies are designed and conducted in accordance with sound privacy practices.
The guidelines are issued by the Privacy Commissioner under s.27(1)(e) of the Privacy Act. Issued February 1998.