Skip to main content
Skip to secondary navigation
Australian Government - Office of the Australian Information Commissioner - Home

Improving privacy in Australia’s general practices a joint effort

Acting Australian Information Commissioner, Timothy Pilgrim, has today welcomed a series of actions by Australia’s peak medical groups to improve privacy practices at Australia’s GP clinics.

“A recent assessment of GP practices by the Office of the Australian Information Commissioner (OAIC) suggests that many practices could use more practical support to improve or establish privacy policies,” said the Commissioner.

“The OAIC appreciates that many GP practices are small to medium sized businesses and so practical, industry-relevant support is an effective way to improve privacy outcomes for practices and patients.”

“So I welcome the fact that the Australian Medical Association (AMA), the Royal Australian College of General Practitioners (RACGP), the Australian College of Rural and Remote Medicine (ACRRM) and the Australian Association of Practice Management (AAPM) have come together with the OAIC to provide practical support to their members to deliver open and transparent privacy policies within their practices.”

The OAIC regulates Australia’s Privacy Act1988 and last year conducted an assessment of the privacy policies of 40 GP practices from across Australia. When the assessments revealed room for improvement, medical peak bodies were approached to help deliver training and practical solutions to assist GP practices.

Chair of the AMA Council of General Practice, Dr Brian Morton, said that “privacy is fundamental to the trusted relationship between a doctor and a patient and practices go to great lengths to protect this. The assessment report shows that some may need more guidance on how to develop transparent and robust privacy policies. The AMA is actively helping them with this.”

The Royal Australian College of General Practitioners President, Dr Frank R Jones, said the report was a timely reminder for general practices to review their privacy policies. “The RACGP provides useful resources to general practices to make adherence to the rules straightforward and our goal is to improve the practical help and support we already provide.”

Danny Haydon, President of AAPM, confirmed that Practice Managers have a key role in ensuring their practice has an easily accessible privacy policy in place and that AAPM assists practice managers to implement this through a range of resources.

ACRRM President Professor Lucie Walters said, “rural and remote doctors are keenly aware of the importance of privacy issues, especially given the circumstances of rural medical practice. ACRRM will be doing as much as possible to support its members to ensure that both the documentation and implementation of practice privacy policies are consistent with the requirements of the Privacy Act”.

Commissioner Pilgrim emphasised that a collaborative approach to create strong privacy governance in Australian businesses was always the OAIC’s preferred approach.

“The OAIC works constructively with businesses and the wider community to build an integrated approach to privacy compliance,” said the Commissioner.

“Thanks to the efforts of these peak bodies and the OAIC’s team, that preferred approach will lead to improved privacy management for Australian GPs and their patients.” 

About the report

The report focused on assessing the privacy policies of 40 General Practice Clinics against Australian Privacy Principle (APP) 1 under the Privacy Act 1988. APP1 has a focus on open and transparent management of personal information.

The purpose of the assessment was to assist GP clinics to improve or enhance their existing privacy policy, taking into account the requirements under the Privacy Act 1988 (Privacy Act).The assessment aimed to enhance the GP clinics’ understanding of privacy and their obligations under the Privacy Act.

It examined the content, layout and availability of the privacy policy but did not consider how the information handling procedures set out in the privacy policy were implemented in practice. This report does not make conclusions about broader privacy practices of GP clinics beyond the scope described above.

The General Practice Clinics APP 1 Privacy Policy assessment report was conducted under Section 33C of the Privacy Act 1988.

To access the report, please visit

About the OAIC

The Office of the Australian Information Commissioner (OAIC) has a range of regulatory responsibilities and powers under the Privacy Act 1988 and other legislation including the Freedom of Information Act 1982.

The OAIC is headed by the Acting Australian Information Commissioner. The Information Commissioner is supported by the Assistant Commissioner, Regulation & Strategy and the Assistant Commissioner, Dispute Resolution, and OAIC staff.

For further information about the OAIC, please visit or follow @OAICgov.

Media contact: Alison Wares             0407 663 968