Skip to main content

The Office of the Australian Information Commissioner will be closed on 6 October 2025 due to a public holiday. We will open on 7 October 2025. If you have a query, please use our General Enquiry form and we will respond to your query in due course.

21 July 2020

The Office of the Australian Information Commissioner (OAIC) is making urgent preliminary inquiries about the facts and circumstances of the reported data breach of patient information in Western Australia.

The Federal Privacy Act covers private health providers, organisations with an annual turnover of more than $3 million and most Australian Government agencies. It does not generally cover Western Australian State Government Departments.

An entity regulated by the Privacy Act must take reasonable steps to protect personal information it holds from misuse, interference and loss, as well as unauthorised access, modification or disclosure.

The OAIC publishes information for entities covered by the Privacy Act about data breach preparation and response. It also has published a submission to the Western Australian Government regarding privacy and responsible information sharing for the Western Australian public sector.