It is common for legislation (such as the Privacy Act 1988) to allow some other person or body to make a law on matters of detail under the relevant Act. This law is called a legislative instrument. Legislative instruments are legally binding and are generally required under the Legislative Instruments Act 2003 to be registered and published on the Federal Register of Legislative Instruments (which is a part of ComLaw website) and tabled in the Parliament.
There are many types of legislative instruments, the most common are: guidelines, rules, codes, determinations and regulations. The relevant legislation will usually outline what kind of document the legislative instrument is to be.
The Australian Information Commissioner is required by legislation to make or approve a number of legally binding privacy guidelines.
The Office of the Australian Information Commissioner (OAIC) also publishes non-binding guidelines, which can be found on the Advisory guidelines page, and resources to assist agencies, businesses and individuals, which can be found in the Privacy resources section.