The Australian Information Commissioner has powers under the Privacy Act 1988 and other legislation to make or approve legally binding guidelines and rules. These are legislative instruments and are generally required under the Legislative Instruments Act 2003 to be registered and published on the Federal Register of Legislative Instruments and tabled in the Parliament.
To assist agencies, businesses and individuals, the Office of the Australian Information Commissioner (OAIC) also issues non-binding guidelines, which can be found on the Advisory privacy guidelines page, and resources for agencies and organisations.
The Guidelines under Section 95 of the Privacy Act 1988, 2014 have been issued by the National Health and Medical Research Council with the approval of the Privacy Commissioner. They outline requirements for the protection of privacy in the conduct of medical research.
The Guidelines approved under Section 95A of the Privacy Act 1988 (2014) (Section 95A guidelines) provide a framework for human research ethics committees to assess proposals to handle health information (without the consent of the subject).
Use and disclosure of genetic information to a patient's genetic relatives under s 95AA of the Privacy Act: Guidelines for health practitioners in the private sector (2014) has been issued by the National Health and Medical Research Council with the approval of the Privacy Commissioner.