Office of the Australian Information Commissioner - Home

Australian Government - Office of the Australian Information Commissioner
Australian Government - Office of the Australian Information Commissioner

Main menu

Annual report 2011–12 — Index

(Note that the number references on this page refer to page numbers in the hardcopy and PDF versions of the Annual Report. It is included in the HTML version to assist readers to know what is covered in the report.)

A

accountability, management, 57-62

ACT Government, 42, 47

agencies, 25, 42, 46, 53
agency advice, 46, 47
audits, 42-3
Department of Justice and Community Safety (JACS), 46, 141

Administrative Appeals Tribunal, 1, 9, 10, 11, 20, 53

Administrative Appeals Tribunal Act 1975, 53

Administrative Review Council, 9, 53

advertising and market research, 62

advertising online, 55

advice, policy, 45-8

advocates, privacy and consumer, 53-4

agencies

see government agencies

Ahead of the Game: Blueprint for the Reform of the Australian Government Administration, 3

airports

body scanning, 46, 141
urgent alerts to staff, 43

Alzheimers' Australia, 47, 55

apologies, 33, 34, 38

APS Statistical Bulletin, 61

APS Values and Code of Conduct, 58

Archives Act 1983, 20

amendment to open access period, 10

Asia Pacific Privacy Authorities Forum (APPA), 51, 52, 55, 56

Asia-Pacific Economic Cooperation (APEC), 51, 53

assets management, 62

Association of Information Access Commissioners (AIAC), 51-2

Attorney-General's Department, 6, 23, 47, 49

Audit Committee, 57

audit, external, 70-1, 105-6

audit, internal 57, 58

Auditor-General, 58

see also Australian National Audit Office (ANAO)

audits, privacy, 42-4

AusTender, 62

Australian Communications and Media Authority, 47

Australian Computer Society Canberra 2011 conference, 23

Australian Customs and Border Protection, audits, 43-4, 141

Australian Federal Police, 13, 42, 47

Australian Government Chief Information Officer Forum, 23

Australian Government Information Management Office (AGIMO), 23, 47

Australian Governments Open Access and Licensing Framework (AusGOAL), 23

Australian Human Rights Commission (AHRC), 53, 57, 59

Memorandum of Understanding, 57, 62

Australian Information Commissioner, v, 5, 22, 23, 32, 36, 40, 45, 54, 56, 57, 58

functions, 5, 10, 19
overview, 1-4
see also Office of the Australian Information Commissioner

Australian Information Commissioner Act 2010 , ii, v, 1, 5, 54

Australian Law Reform Commission, 4, 9, 48, 53

Australian Legal Information Institute

website, 10, 12

Australian Medical Association, 55

Australian National Audit Office (ANAO), 57

access clauses, 62
audit report (Office of the Australian Information Commissioner), 105-6
audit report (Office of the Privacy Commissioner), 70-1

Australian Privacy Principles, 48

Australian Public Service Commission, 47
State of the Service Report, 61

Australian Taxation Office (ATO), 13, 31, 39, 41

Australian Workplace Agreement, 58

aviation security, 46, 48

awareness, promoting, 51-6

B

Biometrics Institute Privacy Code, 36

body scanning, 46, 141

building companies, 41

C

case notes, 26, 38

case studies/examples

extension of time negotiation, 17
own motion investigation v airline, 39
privacy issue enquiries, 28-9
resolution of complaint, 15
resolution of IC Review by agreement, 12

Centrelink, 13, 31, 39, 40, 43, 141

certified agreement, 57, 59, 61

Chief Executive Instructions, 57, 58

children, 49, 52

Client Service Charter, 65

cloud computing, 46

Cloud Computing Consultative Committee, 46

Cloud Computing Strategic Direction Paper, 46

Commissioners, Assistant, 7, 57, 58

Commissioners, OAIC, 5-6, 7, 8, 23, 58, 142

Commonwealth Fraud Control Guidelines, ii

Commonwealth Ombudsman, 1, 9, 10, 13, 14, 53, 58

Commonwealth Procurement Guidelines, 62

Commonwealth Reference Group on Identity Security (CRGIS), 47

communication and engagement, 51-6

Communications Alliance, 48

compensation, 33, 34, 35

complaints, FOI, 9, 10-11, 13-15
investigations, 10-11
issues, 13
method for finalising, 14
respondent agencies, 13

complaints, privacy, 25, 29-36

closed following investigations, 32-5
closed following preliminary inquiries, 33-5
closed without investigation, 34-35
conciliation, 32, 33
grounds for declining to investigate further, 32
investigations, 32-3
issues, 30
by Privacy Act jurisdiction, 29
remedies, 33, 34-5
timeliness of finalisation, 32

Compliance Branch, 6, 7, 25

compliance with FOI Act, monitoring, 10-11

compliance with Information Publication Scheme, 4, 11-12

compliance, privacy, 25-6, 42-4

computer consultancies, 41

conciliation, 32, 33-4

conditional exemptions, 2, 9, 13

conferences, 3, 23, 53

consultancy services, 62

consultation, 3, 19, 22, 46, 48, 139

consumer advocates, 53-4

contact officer, vii

contractors working for government agencies, 9, 20, 43, 62

contracts, 62

corporate governance, 57

Council of Australian Governments, 61

credit reporting, 27, 28, 29, 30, 33, 35, 37, 42

audits, 44
ALRC's recommendations, 49

Credit Reporting Code of Conduct, 44

criminal records, 28

Cross-border Privacy Enforcement Arrangement (CPEA), 53

cultural change, 3, 21, 22

customer service, 14

D

data breach notifications, 25-6, 36, 38

issues, 38
voluntary, 25, 38, 39, 40

data breaches, 25, 37, 38, 39

data destruction, 43

data-matching, 39-40, 141

compliance with Act, 40
inspections, 40
program protocols, 40, 41
statutory guidelines, 39
voluntary guidelines, 39

Data Management Association Australia conference, 23

Data-matching Program (Assistance and Tax) Act 1990, 39

Declaration of Open Government, 3, 22

Department of Climate Change and Energy Efficiency, 41

Department of Finance and Deregulation, 56, 62

Department of Foreign Affairs and Trade, 43

Department of Health and Ageing (DoHA), 45, 46, 48

Department of Human Services (DHS), 46, 141

Department of Immigration and Citizenship (DIAC), 13, 47

Department of Infrastructure and Transport, 12, 141

Department of the Prime Minister and Cabinet (PM&C), 2, 3, 49, 52, 58

Department of Veterans' Affairs (DVA), 13, 39

disability reporting, 61

disclosure logs, 1, 9, 10, 18, 20, 21, 54

Document Verification Service (DVS), National, 43

Dun and Bradstreet, 44

E

ecologically sustainable development, 62

education, 51, 55, 56

resources, 20, 51, 55
see also training

e-health, 46, 47, 49

Emergency Call Service Requirements Code, 47

Employee Assistance Program, 61

enabling legislation, v, 5

Engage: Getting on with Government 2.0, 3, 22

enquiries, 17-18, 26-9

caller types, 17, 26
issues, 18, 27
by private sector industry group, 28

Enquiries Line, 17, 26, 36number of calls received, 17, 26

enterprise agreement, 57, 59, 61

environmental report, 62

equity funding, 62

error in previous annual reports, material, 145

ethical standards, 58

European Union, 52

Evidence of Identity (EOI), 43

Evolving Models of Governance and Accountability conference, 23

Executive Committee, 57, 58

external scrutiny, 58

F

Facebook, 31, 51, 56

Federal Court, 20

finance sector, 30, 31

financial institutions, 41

financial performance, 61-2

Office of the Australian Information Commissioner, 103
Office of the Privacy Commissioner, 66-7

financial statements

Office of the Australian Information Commissioner, 105-38
Office of the Privacy Commissioner, 69-102

fraud control, ii

freedom of information

access refusal, 1, 2, 10, 11, 12, 15, 20
complex or voluminous requests, 11, 15, 16, 17
exemptions, 2, 3, 9, 13, 19, 20
extensions of time, 11, 14, 15, 16, 17
extensions of time requests and notifications received, 15, 16
Fact Sheets, 20
fees/charges, 9, 11, 12
fees/charges, proposed review of, 4
officers, 55
functions, 5
guidelines, 19-20, 55
personal record requests, 2-3
public interest test, 9
request process reforms, 9
reviewing decisions, 1, 2, 4, 5, 6, 8, 9, 10, 11, 12, 13, 16
training, 54, 61
see also complaints, FOI

Freedom of Information Act 1982, v, 1, 2, 3, 5, 6, 9-20, 21, 51, 140

contact officer, 140
objects, 2, 9, 21
OAIC section 8 statement, 139-40
OPC section 8 statement, 139
reforms, 1, 5, 9, 11, 20, 21, 54-5

Freedom of Information Act 1982 Annual Report 2010-11, v

Freedom of Information Amendment (Reform) Act 2010, v, 9, 10

Freedom of Information Commissioner, 1, 5, 6, 7, 12, 51, 54, 58, 142

G

Global Privacy Enforcement Network (GPEN), 52

Glossary, 147

Google, 47

govdex.gov.au, 19, 51, 55-6

governance, corporate, 57

Government 2.0 Taskforce, 3, 47

report, 22
Steering Committee, 47

government agencies

advice, 46-7
communication with OAIC and FOI applicants, 14, 16
contractors working for, 9
information publication, 10, 11, 19, 22
liaison with, 23
resources allocated to FOI, 14
timeliness of processing FOI requests, 14, 16
training, 22, 33, 35, 38, 42, 51, 54-5, 56, 61, 141
websites, 3, 10, 11, 19, 20, 21, 56

government agency engagement, 3, 19, 22

Government Gazette, 15

govspace, 51, 56

grant programs, 62

Guide to Handling Personal Information Security Breaches, 36

guide to report, vi

Guidelines for the Conduct of the Data-matching Program, 39

Guidelines for the Use of Data-matching in Commonwealth Administration, 39, 40

H

health information, disclosure, 55

health records, personally controlled, 47

healthcare/health service providers, 17, 26, 28, 29, 31, 45, 46, 47, 48

Healthcare Identifiers (HI) Service, 44-5, 46

healthcare identifiers, 29, 44, 45, 46, 55, 141

audits, 44-5

Healthcare Identifiers Act 2010, 44-5

Hong Kong Commissioner for Data Reporting, 48

human resources, 58-60

average staffing level, 58, 67
Indigenous cadet, 59, 60
performance pay, 59
recruitment, 57, 62
remuneration, 59
SES, 58
staffing profile, 58, 59
studies assistance, 61
training, 61
turnover, 58
workplace diversity, 59
workplace safety, 61

I

IC (Information Commissioner) Reviews, 10, 15, 27, 140

agreement between parties, 10, 12
case study, 12
issues raised, 13
merits review of FOI decisions, 10
overview of applications, 12
process, 10, 12
respondent agencies, 13
time limit for applying for, 11

identity security, 47

audits, 43

Indigenous cadetship, 59, 60

industry codes, 48

Information Advisory Committee, 1, 54

Information Awareness Month, 22

Information Commissioner

see Australian Information Commissioner; IC Reviews

Information Commissioner's Guidelines, 10, 11, 19

Information Communications Technology (ICT), 62

Information Contact Officer Network (ICON), 51, 53

information management, 1-4, 8, 21-3

information policy, 1-4, 5, 8, 21-3

advice to agencies/the public, 20
cultural change, 3
integrated scheme, 2
issues paper, 8, 22
open access period, 10
pro-disclosure model, 9, 21

Information Privacy Principles, 27, 29, 36, 38, 42, 43replacement by Australian Privacy Principles, 48

Information Publication Scheme (IPS), 1, 9, 19, 53

agency compliance, 4, 11-12, 140
icon, 3
key elements of agency compliance, 11-12
monitoring and reviewing, 11-12
replacement of FOI section 8 statement, 140
self-assessment tool, 11, 19
see also Government 2.0 Taskforce

information and communications technology

body scanning, 46
cloud computing, 46
electronic health records, 46
Google, 47
govdex, 19, 55-6
govspace, 51, 56
healthcare identifiers, 44-5, 46
infrastructure, OAIC, 62
intranet, 58
new technologies, 3, 25, 51, 55-56
OAICnet, 54, 56
social media, 51, 55-56
web publication, government information, 19, 20
web 2.0, 3, 22, 47-8, 51, 55-6
see also website, OAIC/OPC; websites, other government agencies

internal auditors, 57, 58

International Conference of Data Protection and Privacy Commissioners, 32nd, 53

international engagement, 48, 51-3

international reforms, 2

investigations, 10-11, 32-3

see also own motion investigations

Israel, 53

Issues Paper on information policy, 8

J

judicial decisions, 58

judicial review, review of framework, 53

K

key performance indicators, Office of the Privacy Commissioner, 65

L

labour hire agencies, 41

learning and development, 61

letter of transmittal, ii

list of requirements, 143-5

M

Market and Social Research Privacy Code, 36

material errors in previous annual reports, 145

McMillan, John, 5, 7, 8, 142

see also Australian Information Commissioner

media, 54

number of enquiries, 54
releases, 54

medical records, 29

Medicare Australia, 44, 45, 46

memoranda of understanding, 62

ACT Government, 42, 141
Australian Customs and Border Protection Service, 141
Australian Human Rights Commission, 57, 141
Centrelink, 141
Department of Health and Ageing, 141
Department of Human Services, 46, 141
Department of Infrastructure and Transport, 141
Office of Transport Security, 46

merits review, FOI decisions, 10

Meta2011 conference, 23

Mexico, 52

Minister for Finance and Deregulation, 3, 22

Minister for Privacy and Freedom of Information, 8

monitoring activities

compliance with FOI Act, 10-11
compliance with Privacy Act, 42-4
data-matching, 39-40
Information Publication Scheme, 4, 11-12

N

National Archives of Australia, 23

National Disability Strategy, 61

National Document Verification Service (DVS), 43

National E-Health Transition Authority (NEHTA), 46

National Identity Security Coordination Group (NISCGT), 47

National Identity Security Strategy (NISS), 43

National Privacy Principles, 27, 28, 29, 30, 36, 38, 39, 47-9, 55

case studies, 28-9
replacement by Australian Privacy Principles, 48-9

New South Wales (NSW), 51

NSW Health, 46

New Zealand, 52

Ministry of Agriculture and Forestry, 48

Norfolk Island Act 1979, 47

Norfolk Island Administration, 25, 47, 53

Northern Territory (NT), 51

O

O'Connor, the Hon Brendan, 8

OAICnet, 54, 56

occupational health and safety, 61

Office for Children, Youth and Family Support, 42

Office of the Australian Information Commissioner (OAIC)

date of commencement of operations, v
equity funding, 62
freedom of information report, 139-40
functions, 5, 8, 10, 19, 54
launch, 8, 22
office premises, 57, 62
purpose/role, 2, 5, 8

Office of the Privacy Commissioner (OPC), 36, 38, 46, 48, 55, 61, 139

Certified Agreement 2009-2011, 59
freedom of information report, 139, 140
integration into OAIC, v, 57, 58
staff, 2, 58

Office of the Victorian Privacy Commissioner, 53

Office of Transport Security (OTS), 46

online advertising, 55

open government, 9-20

Declaration, 3, 22
information as a national resource, 2, 3, 21
legislative reforms underpinning, 1-2
OAIC role, 2
Principles on open public sector publication, 22-3
use of technology, 3

Operations Branch, 6, 7, 61

Optometrist Association of Australia, 47

Organisation for Economic Co-operation and Development, 51, 52-3

organisational structure, 6

chart, 7

outcomes and program structure, 6

Office of the Privacy Commissioner, 65-66

overview, 1-4

own motion investigations, FOI, 11, 13

own motion investigations, privacy, 36-8, 47

case study, 39
issues, 36-8
published report, 26

P

Passenger Name Record (PNR) data, 43

Pathfinder, APEC Data Privacy, 53

performance

Office of the Australian Information Commissioner, 103-4
overview, 1-4
Office of the Privacy Commissioner, 65-7

performance pay, 59

personal information, 2, 25-50

Personal Information Digest (PID), 45

Personally Controlled Electronic Health Record (PCEHR) system, 47, 49

draft Concept of Operations, 47

Pilgrim, Timothy, 6, 7, 8, 60, 142

see also Privacy Commissioner

police, 13, 28, 42, 47

policy advice, 46-8

Policy Branch, 6, 7

Popple, James, 6, 7, 8, 142

see also Freedom of Information Commissioner

Principles on open public sector information, 2, 22-3

Privacy Act 1988, v, 1, 2, 5, 6, 20, 25-50, 51, 54, 55, 56, 139

reforms, 25, 48-9

Privacy Advisory Committee, 54

Privacy Authorities Australia, 52

Privacy Awareness Week, 51, 56

privacy codes, approved, 36

Privacy Commissioner, 1, 6, 26, 32, 49, 50, 56, 57, 58

Privacy Connections, 53

privacy exemptions, 27, 28, 34

Privacy Fact Sheets, 55

privacy functions, 5

privacy impact assessments, 46, 47, 48

privacy law reform, 25, 48-9

Privacy Officer Contact (PCO) Network, 51, 53

privacy protection, individual, 2, 25-50

see also complaints, privacy

private sector, 25, 27, 28, 29, 47, 53

procurement, 62

public interest, 2, 3, 12, 38, 139

case study, 12
conditional exemptions, 2, 9, 13

Public Service Act 1999, 58, 59

public sector information, Principles of, 22-3

Publication of Public Sector Information (AGIMO checklist), 47

publications, 3, 55

purchasing, 62

Q

Queensland, 51, 52

Queensland Club Industry Privacy Code, 36

R

record amended, 33, 34

record keeping, 45, 46

records management, 3, 23

Remuneration Tribunal, 58

reports, non-publication, 44, 45

resources summary

Office of the Australian Information Commissioner, 103
Office of the Privacy Commissioner, 66-7

risk management, 57, 58

role, 1

RSS feeds, 56

S

Service Delivery Reform (SDR), 46, 49

Social Inclusion Measurement and Reporting Strategy, 61

social media, 51, 55, 56

South Korea, 52

speeches and presentations, 3, 23, 54-5, 142

spent convictions, 27, 29, 30

staff

see human resources

Standing Council on Community, Housing and Disability Services, 61

states and territories, 41, 46, 51, 52

Strategic and Business Planning, 58

Strategic Internal Audit Workplan, 57

strategic plan, 2, 54, 58

submissions, 48-9

survey, social networking, 56

systemic issues, 11, 25, 36, 61

T

Taskforce, implementation, 2, 58

Tasmanian Collection Services, 44

tax file numbers, 39, 42

technology companies, 26

telecommunications companies, 26, 28, 31

industry code, 48

Territories Law Reform Act 2010 (Cth), 47

Terrorism (Extraordinary Temporary Powers Act 2006 (ACT), 47

Towards an Australian Government Information Policy, 8, 22

tracking devices, 28

training

Australian Government agencies, 51, 54-5
FOI, 61
materials, 20, 55
staff, 61

transmittal letter, ii

Twitter, 51, 56

U

United States of America, 52

V

values, 58

Veda Advantage, 31, 44

vexatious applicants, 11

vision, 2

Vodafone Hutchison Australia, 31, 38

voluntary data breach notifications, 25, 38, 39

W

website, OAIC/OPC, vii, 6, 10, 12, 19, 20, 36, 38, 42, 46, 48, 53, 54,  55, 56, 65, 140

construction of OAIC, 55

websites, government agencies, 3, 10, 11, 19, 20, 21, 56

Western Australia (WA), 51

workplace diversity, 59

Workplace Diversity Plan, 59

Y

YouTube, 51, 56