17 December 2021

Download our 2021 highlights infographic

OAIC high lights

Long text description

In 2021 the Office of the Australian Information Commissioner worked to increase public trust and confidence in the protection of personal information and access to government-held information.

Encourage and support proactive release of government information:

  • Developed FOI capabilities through new resources, guidelines, reports and information sessions
  • Released joint open by design principles for governments

Advance online privacy protections:

  • Took regulatory action to protect Australians online, including an international joint investigation
  • Promoted and advised on Privacy Act review and Online Privacy Code
  • Oversaw new personal information handling practices to support the pandemic response and recovery.

Influence and uphold privacy and information access rights frameworks:

  • Regulated compliance with personal information security obligations through the Notifiable Data Breaches scheme and Consumer Data Right
  • Ensured more than 700 data breaches were notified to individuals, rectified and remedied
  • Finalised Commissioner-initiated investigations on high privacy impact technologies, security and FOI
  • Finalised more than 2,000 privacy complaints from individuals
  • Completed proactive assessments to enhance organisations’ privacy practices, including on CDR and COVIDSafe
  • Commenced proactive assessments of PIA register compliance and My Health Record access security policies
  • Issued national principles for handling personal information in the pandemic
  • Finalised almost 1,100 Information Commissioner reviews, up more than 10%
  • Finalised more than 160 FOI complaints, up more than 10%
  • Helped more than 13,000 people with privacy and FOI enquiries through our public information service
  • Influenced legislative and regulatory frameworks through 15 submissions on privacy and FOI matters
  • Worked with agencies to improve statutory processing timeframes for FOI.

Contemporary approach to regulation:

  • Engaged with Australian and international counterparts to promote regulatory cooperation and information rights
  • Provided international leadership to the data protection community through key roles in the Global Privacy Assembly
  • Raised awareness of regulatory focus through more than 40 events and presentations.

Support delivery of Digital Economy Strategy and Cyber Security Strategy:

  • Supported the accelerated rollout of the Consumer Data Right, through guidance, complaint handling processes and partnerships with CDR agencies
  • Advised government on development of Digital Identity System, Australian Data Strategy and My Health Records
  • Supported government consideration of cyber security regulation.