Office of the Australian Information Commissioner

We are at the forefront of guidance, monitoring and enforcement of Australia’s privacy and freedom of information law.

Through this, we aim to shape how emerging technologies and data practices impact the lives of every Australian.

Our
performance

We are successful when we:

Assist businesses and Australian Government agencies to understand their privacy obligations, and encourage them to respect and protect the personal information they handle.

Primary activities:

  • Develop the privacy management capabilities of Australian Government agencies and businesses, and promote privacy best practice.
  • Manage data breach notifications.
  • Conduct privacy assessments.
  • Develop legislative instruments.
  • Conduct regulatory activities and help businesses understand their rights and responsibilities under the Consumer Data Right.

Efficiently and effectively take action against suspected interferences with privacy to improve compliance with the Privacy Act.

Primary activities:

  • Conduct Commissioner initiated investigations.
  • Manage privacy complaints.

Help the community to understand and feel confident to exercise their privacy and information access rights.

Primary activities:

  • Provide a public information service.
  • Promote awareness and understanding of privacy rights in the community.
  • Provide an FOI public information service.
  • Promote awareness and understanding of information access rights in the community.

Assist Australian Government agencies to understand their freedom of information obligations, and respect and promote access to government information.

Primary activity:

  • Develop the FOI capabilities of Australian Government agencies and ministers, and promote FOI best practice.

Efficiently and effectively carry out our regulatory functions under the Freedom of Information Act 1982.

Primary activities:

  • Conduct Information Commissioner reviews.
  • Investigate FOI complaints and conduct Commissioner initiated investigations.

Promote and uphold privacy rights

  • Continue to administer the Notifiable Data Breaches scheme, and work with key stakeholders to build business and government capacity to reduce the potential for and to respond to data breaches, and to assist individuals who are affected by a data breach.
  • Engage in the development and prepare for commencement of the Consumer Data Right and work collaboratively with the Australian Competition and Consumer Commission (ACCC).
  • Work collaboratively with the National Data Commissioner to assist in the development of a new data sharing and release framework.
  • Work with credit providers, credit reporting bodies, consumers and external dispute resolution schemes to help ensure that changes to credit reporting under the proposed mandatory Comprehensive Credit Reporting (CCR) regime are implemented in a way that protects the privacy of individuals and facilitates an efficient credit reporting system.
  • Update existing guidance where required and develop new guidance on privacy rights and obligations.
  • Use our discretionary regulatory powers in a proportionate and targeted way to ensure the protection of personal data.
  • Support compliance with the Australian Government Agencies Privacy Code.
  • Conduct targeted assessments in priority areas in order to monitor and improve privacy practices.
  • Promote Privacy Awareness Week 2019.

Promote and uphold information access rights

  • Continue the development of our early resolution process to improve the review time of Information Commissioner reviews and to further meet the objectives of providing an informal, non-adversarial and timely review process.
  • Update resources for applicants to help them understand the Information Commissioner review process.
  • Update resources for agencies and ministers to support best practice decision making.
  • Support FOI officers through the provision of communication materials, training and advice.
  • Continue to participate in the Open Government Forum, and contribute to the development and implementation of Australia’s next Open Government National Action Plan.
  • Review the administration of the Information Publication Scheme and disclosure logs by agencies and ministers.
  • Monitor agencies’ compliance with the statutory decision making timeframes, as set out in the FOI Act.
  • Conduct a campaign for Right to Know Day 2018.

Promote and uphold privacy rights.

We helped the community with
19,407
of their privacy questions
16%

14,928
Phone

14928

4,452
Written

4452

27
In person

27

We received 2,947 privacy complaints this year and helped the public resolve
2,766
of these privacy issues
11%

97%
of complaints were resolved within 12 months of receipt

During the year, the majority of complaints came from the following sectors

We reviewed the privacy practices of
41 organisations
through
27 assessments

Skip Organisations

security

Assessment of contractual provisions for services in regional processing centres — Department of Immigration and Border Protection

Assessment focus

APPs 1.2 and 11

Report published

Mar 2018

View Report

security

Handling passenger name records – Department of Immigration and Border Protection

Assessment focus

APPs 6 and 11

Report published

TBA

security

Managing passenger name records — Department of Home Affairs

Assessment focus

APPs 6 and 11

Report published

TBA

security

Assessment of departures SmartGates systems – Department of Immigration and Border Protection

Assessment focus

APP 11

Report published

TBA

security

Assessment of the outward advance passenger processing system – SITA

Assessment focus

APP 11

Report published

TBA

government

Tax File Number assessment — agencies with publication obligations under the Privacy (Tax File Number) Rule 2015

Assessment focus

TFN Rules 13 and 14

Report published

TBA

government

Tax File Number assessment — agencies with publication obligations under the Privacy (Tax File Number) Rule 2015

Assessment focus

TFN Rules 13 and 14

Report published

TBA

government

Tax File Number assessment — agencies with publication obligations under the Privacy (Tax File Number) Rule 2015

Assessment focus

TFN Rules 13 and 14

Report published

TBA

government

Tax File Number assessment — agencies with publication obligations under the Privacy (Tax File Number) Rule 2015

Assessment focus

TFN Rules 13 and 14

Report published

TBA

government

Tax File Number assessment — agencies with publication obligations under the Privacy (Tax File Number) Rule 2015

Assessment focus

TFN Rules 13 and 14

Report published

TBA

government

Tax File Number assessment — agencies with publication obligations under the Privacy (Tax File Number) Rule 2015

Assessment focus

TFN Rules 13 and 14

Report published

TBA

government

Management of personal information – Access Canberra

Assessment focus

TPPs 1 and 5

Report published

Dec 2017

View Report

government

NEIDM data matching program — Department of Human Services

Assessment focus

APPs 1.2, 3 and 5

Report published

TBA

government

PAYG data matching program — Department of Human Services

Assessment focus

APPs 10 and 13

Report published

TBA

government

Handling personal information — ACT Housing

Assessment focus

TPPs 6 and 11

Report published

TBA

government

Securing personal information for data matching — Department of Human Services

Assessment focus

APP 11

Report published

TBA

government

Accessing personal information – Department of Immigration and Border Protection

Assessment focus

APP 12

Report published

TBA

government

Follow-up of DIBP’s implementation of the recommendations made in the assessment of Schedule 7 of the Foreign Fighters Act

Assessment focus

APPs 1, 3, 5, 6 and 11

Report published

Oct 2017

View Report

government

Follow-up of DIBP’s implementation of the recommendations made in the assessment of Schedule 6 of the Foreign Fighters Act

Assessment focus

APPs 3, 5, 6 and 11

Report published

TBA

government

Follow-up of DIBP’s implementation of the recommendations made in the assessment of Schedule 5 of the Foreign Fighters Act

Assessment focus

APPs 1, 3, 5, 6 and 11

Report published

TBA

health

Management of personal information – Department of Human Services as the contact services provider for the My Health Record system

Assessment focus

APP 1.2

Report published

Nov 2017

View Report

health

Securing personal information – My Health Record

Assessment focus

APP 11

Report published

TBA

consumer

Management of personal information — Qantas Frequent Flyer

Assessment focus

APPs 1 and 5

Report published

TBA

consumer

Management of personal information — Velocity Frequent Flyer

Assessment focus

APPs 1 and 5

Report published

TBA

it

Summary of OAIC assessment of telecommunication organisations’ information security practices when disclosing personal information under the Telecommunications (Interception and Access) Act 1979

Assessment focus

APP 11

Report published

Jan 2018

View Report

it

Summary of OAIC assessment of telecommunication organisations’ information security practices when disclosing personal information under the Telecommunications (Interception and Access) Act 1979

Assessment focus

APP 11

Report published

Jan 2018

View Report

it

Summary of OAIC assessment of telecommunication organisations’ information security practices when disclosing personal information under the Telecommunications (Interception and Access) Act 1979

Assessment focus

APP 11

Report published

Jan 2018

View Report

it

Summary of OAIC assessment of telecommunication organisations’ information security practices when disclosing personal information under the Telecommunications (Interception and Access) Act 1979

Assessment focus

APP 11

Report published

Jan 2018

View Report

it

Management of personal information – Five registered training organisations

Assessment focus

APPs 1 and 5

Report published

TBA

it

Management of personal information – Five registered training organisations

Assessment focus

APPs 1 and 5

Report published

TBA

it

Management of personal information – Five registered training organisations

Assessment focus

APPs 1 and 5

Report published

TBA

it

Management of personal information – Five registered training organisations

Assessment focus

APPs 1 and 5

Report published

TBA

it

Management of personal information – Five registered training organisations

Assessment focus

APPs 1 and 5

Report published

TBA

it

Handling personal information – VIX Verify

Assessment focus

APPs 3, 5 and 11

Report published

Feb 2018

View Report

it

Handling personal information – Trulioo

Assessment focus

APPs 3, 5 and 11

Report published

Mar 2018

View Report

it

Securing personal information - Telstra

Assessment focus

APP 11

Report published

TBA

it

Summary of follow up of s309 telecommunication inspections

Assessment focus

ss 306 and 306A of the Telecommunications Act

Report published

Nov 2017

View Report

it

Summary of follow up of s309 telecommunication inspections

Assessment focus

ss 306 and 306A of the Telecommunications Act

Report published

Nov 2017

View Report

it

Summary of follow up of s309 telecommunication inspections

Assessment focus

ss 306 and 306A of the Telecommunications Act

Report published

Nov 2017

View Report

health

Securing personal information – Healthscope Group

Assessment focus

APP 11

Report published

TBA

security

Securing personal information: access security - IBM

Assessment focus

APP 11

Report published

TBA

The Notifiable Data Breaches (NDB) scheme came into effect on 22 February 2018.

We received
507
data breaches from businesses
in Australia and across the world

174
voluntary
28
mandatory
digital health
305
NDBs

Of the NDBs that we received this year

54% were malicious or caused due to criminal attacks

4% were due to system glitches

40% were caused by human error

2% uncategorised

Breakdown of NDBs
by sector

Promote and uphold information access rights.

We helped the community resolve
1,931
of their FOI questions
6%

The top three matters related to:

1 General processing of FOI requests and complaints

2 FOI matters outside of our jurisdiction

3 Help and assistance for government agencies and ministers with their FOI processing

1,339
Phone

1339

584
Written

584

8
In person

8
  • We received
    801 requests
    for an Information Commissioner review
    27%

    Information Commissioner reviews give the community an avenue for redress if they approach a government agency or minister for information and are not satisfied with the decision they receive

  • We finalised
    610 Information Commissioner reviews
    84% of applications were resolved within 12 months of receipt

We finalised
80%
of Information Commissioner reviews without proceeding to a formal decision

In turn, only
20%
of Information Commissioner reviews resulted in a formal Commissioner decision

Other Outcomes

Triage
  • 13%

    Out of Scope

  • 3%

    Allowed to go direct to AAT

  • 24%

    Discretion not to review exercised
    for example

    • lacking substance
    • non-cooperative
    • lost contact
Case Management
  • Applicant withdraws after revised decision or for another reason

    32%
  • Formal agreement

    7%
Commissioner decisions
  • 20%
    Commissioner decisions

Freedom of
information statistics

Further information and combined APS agency FOI statistics can be viewed on data.gov.au

View freedom of information statistics

Develop the personal information management capabilities of Australian businesses and government agencies.

We partnered with
360 businesses and agencies
to promote Privacy Awareness Week

We provided
500+ pieces of substantial advice
to public and private sector organisations

We worked with a number of government agencies to ensure that they considered privacy from the start and incorporated it into upcoming policies and legislation. To help achieve this, we provided over
29 submissions to government

Our
performance

We successfully:

1. Assisted businesses and Australian Government agencies to understand their privacy obligations and respect and protect the personal information that they handle.

Primary activities:

  • Developed the privacy management capabilities of Australian Government agencies and businesses, and promoted privacy best practice
  • Managed data breach notifications.
  • Conducted privacy assessments.
  • Developed legislative instruments.

2. Efficiently and effectively took action against suspected interferences with privacy to improve compliance with the Privacy Act 1988.

Primary activities:

  • Conducted Commissioner-initiated investigations
  • Managed privacy complaints.

3. Assisted the community to understand and feel confident to exercise their privacy and information access rights.

Primary activities:

  • Provided a public information service.
  • Promoted awareness and understanding of privacy rights in the community.
  • Provided an FOI public information service.
  • Promoted awareness and understanding of information access rights in the community.

4. Assisted Australian Government agencies to understand their freedom of information obligations and to respect and promote access to government information.

Primary activity:

  • Developed the FOI capabilities of Australian government agencies and ministers, and promoted FOI best practice.

5. Efficiently and effectively carried out our regulatory functions under the Freedom of Information Act 1982.

Primary activities:

  • Conducted Information Commissioner reviews
  • Investigated FOI complaints and conducted Commissioner-initiated investigations.

Promote and uphold privacy rights

Develop the privacy management capabilities of businesses and Australian Government agencies and promote privacy best practice

  • The OAIC applies a risk-based, proportionate approach to facilitate compliance with privacy obligations and promote privacy best practice
  • Guidance and educational materials are amended to incorporate learnings from regulatory activities such as assessments and investigations
  • Regular dialogue and consultation with businesses and Australian Government agencies is undertaken
  • The number of participating partners for Privacy Awareness Week is increased.

Manage data breach notifications

  • 80% of data breach notifications finalised within 60 days
  • 80% of My Health Records data breach notifications finalised within 60 days
  • Guidance and support tools for the Notifiable Data Breach scheme are published
  • Statistics on data breach notifications are published to inform the community about the operation of the data breach notification scheme.

Conduct Commissioner-initiated investigations (CIIs)

  • 80% of CIIs finalised within 8 months
  • CIIs result in improvements in the privacy practices of investigated entities
  • CII outcomes and lessons learnt are publicly communicated.

Manage privacy complaints

  • 80% of privacy complaints finalised within 12 months
  • Complaint handling service is promoted to the community.

Conduct privacy assessments

  • Assessments are completed in accordance with the schedule developed in consultation with the assessment target
  • Monitoring and compliance approaches are coordinated with the business and operational needs of the assessment targets
  • High proportion of recommendations accepted by assessment targets
  • Key assessment outcomes and lessons learnt are publicly communicated where appropriate.

Provide a privacy public information service

  • 90% of written enquiries are finalised within 10 working days
  • New community, legal and other networks are identified for targeted promotion of the public information service.

Promote awareness and understanding of privacy rights in the community

  • Increase in media and social media mentions about privacy rights
  • Awareness and understanding about privacy rights and the role of the OAIC is improved
  • Increase in attendance numbers and positive feedback from public facing events
  • The OAIC’s website is accessible for individuals and contains targeted content about privacy rights.

Develop legislative instruments

  • Applications for Public Interest Determinations and Australian Privacy Principles codes are considered and responded to in a timely manner
  • Legislative instruments are reviewed when necessary.

Promote and uphold information access rights

Develop the FOI capabilities of Australian Government agencies and ministers, and promote FOI best practice

  • Tools and guidance are updated to assist Australian Government agencies to comply with the IPS
  • Guidance and resources are reviewed and updated to assist Australian Government agencies and ministers to apply the FOI Act
  • The majority of OAIC’s stakeholders receiving information are satisfied with the content and delivery.

Conduct Information Commissioner reviews

  • 80% of IC reviews are completed within 12 months.

 

 

Manage FOI complaints and investigations

  • 80% of FOI complaints finalised within 12 months
  • 80% of FOI Commissioner initiated-investigations finalised within 8 months.

Provide a FOI public information service

  • 90% of FOI written enquiries are finalised within 10 working days
  • New community, legal and other networks are identified for targeted promotion of the public information service.

Promote awareness and understanding of information access rights in the community

  • Increase in media and social media mentions about information access rights
  • The OAIC’s website is accessible for individuals and contains targeted content about information access rights.

Promote, uphold and shape Australian information privacy rights.

We helped the community with
16,793
of their privacy questions
12%

13,301
Phone

13301

3,478
Written

3478

14
In person

14

We received 2,494 privacy complaints this year and helped the public resolve
2,485
of these privacy issues
22%

95%
of complaints were resolved within 12 months of receipt

During the year, the majority of complaints came from the following sectors

We reviewed the privacy practices of
35 organisations
through
25 assessments

Skip Organisations

security

Immigration and Border Protection (Contractual arrangements)

Assessment focus

APP 11

Report published

TBA

security

Immigration and Border Protection (Advanced Passenger Processing)

Assessment focus

APP 11

Report published

Oct 2016

View Report

security

Immigration and Border Protection (SmartGate)

Assessment focus

APP 11

Report published

Oct 2016

View Report

security

PNR (follow-up on new administrative arrangements)

Assessment focus

APP 6

Report published

TBA

security

Immigraton and Border Protection (SmartGate systems)

Assessment focus

APP 11

Report published

TBA

security

Immigration and Border Protection (Advanced Passenger Processing - SITA)

Assessment focus

APP 11

Report published

TBA

government

Unique Student Identifier (USI)

Assessment focus

APP 1

Report published

Jan 2017

View Report

government

ACT Access Canberra

Assessment focus

TPP 1

Report published

TBA

government

Tax file number: Publication obligations

Assessment focus

TFN 13

Report published

TBA

government

Tax file number: Publication obligations

Assessment focus

TFN 13

Report published

TBA

government

Tax file number: Publication obligations

Assessment focus

TFN 13

Report published

TBA

government

Tax file number: Publication obligations

Assessment focus

TFN 13

Report published

TBA

government

Tax file number: Publication obligations

Assessment focus

TFN 13

Report published

TBA

government

Tax file number: Publication obligations

Assessment focus

TFN 13

Report published

TBA

government

Tax file number: Publication obligations

Assessment focus

TFN 13

Report published

TBA

government

Immigration and Border Protection

Assessment focus

APP 12

Report published

TBA

government

DHS: Data matching NIEDM

Assessment focus

APP 1

Report published

TBA

government

DHS: Data matching PAYG

Assessment focus

APP 10

Report published

TBA

health

My Health Records: National Repositories Service - follow up

Assessment focus

APP 11

Report published

Sep 2016

health

My Health Records: Aust Health Practitioner Registration Agency (AHPRA)

Assessment focus

APP 10

Report published

TBA

health

DHS: Contract service provider to My Health Record System Operator

Assessment focus

APP 1

Report published

TBA

it

Telstra: Requests for information by law enforcement agencies

Assessment focus

APP 11

Report published

TBA

it

Vodafone: Requests for information by law enforcement agencies

Assessment focus

APP 11

Report published

TBA

it

Optus: Requests for information by law enforcement agencies

Assessment focus

APP 11

Report published

TBA

it

iiNET: Requests for information by law enforcement agencies

Assessment focus

APP 11

Report published

TBA

it

Document Verification Service (Gateway Service Provider - Trulioo)

Assessment focus

APP 11

Report published

TBA

it

Document Verification Service (Gateway Service Provider - VIX Verify)

Assessment focus

APP 11

Report published

TBA

it

Unique Student Identifier (USI) - Registered training organisations

Assessment focus

APP 1

Report published

TBA

it

Unique Student Identifier (USI) - Registered training organisations

Assessment focus

APP 1

Report published

TBA

it

Unique Student Identifier (USI) - Registered training organisations

Assessment focus

APP 1

Report published

TBA

it

Unique Student Identifier (USI) - Registered training organisations

Assessment focus

APP 1

Report published

TBA

it

Unique Student Identifier (USI) - Registered training organisations

Assessment focus

APP 1

Report published

TBA

consumer

QANTAS Frequent Flyer Loyalty Program

Assessment focus

APP 1

Report published

TBA

consumer

Virgin Velocity Loyalty Program

Assessment focus

APP 1

Report published

TBA

health

Healthscope Ltd

Assessment focus

APP 11

Report published

TBA

We received
149
data breaches from businesses
in Australia and across the world

114
voluntary
35
mandatory

Of the data breaches that we received this year

35% were malicious or caused due to criminal attacks

16% were due to system glitches

46% were caused by human error

3% uncategorised

Breakdown
by sector

Promote and uphold Australian information access rights.

We helped the community resolve
2,062
of their FOI questions
16%

The top three matters related to:

1 General processing of FOI requests and complaints

2 FOI matters outside of our jurisdiction

3 Help and assistance for government agencies and ministers with their FOI processing

1,454
Phone

1454

599
Written

599

9
In person

9
  • we received
    632 requests
    for an Information Commissioner review
    24%

    Information Commissioner reviews give the community an avenue for redress if they approach a government agency or minister for information and are not satisfied with the decision they receive

  • we finalised
    515 Information Commissioner reviews
    86% of applications were resolved within 12 months of receipt

We finalised
80%
of Information Commissioner reviews without proceeding to a formal decision

In turn, only
20%
of Information Commissioner reviews resulted in a formal Commissioner decision

Other Outcomes

Triage
  • 7%

    Out of Scope

  • 3%

    Allowed to go direct to AAT

  • 24%

    Discretion not to review exercised
    for example

    • lacking substance
    • non-cooperative
    • lost contact
Case Management
  • Applicant withdraws after revised decision or for another reason

    43%
  • Formal agreement

    2%
Commissioner decisions
  • 20%
    Commissioner decisions

Freedom of
information statistics

Further information and combined APS agency FOI statistics can be viewed on data.gov.au

View freedom of information statistics

Develop the personal information management capabilities of Australian businesses and government agencies.

we partnered with
369 businesses and agencies
to promote Privacy Awareness Week

we provided
140+ pieces of substantial advice
to public and private sector organisations

we worked with a number of government agencies to ensure that they considered privacy from the start and incorporated it into upcoming policies and legislation. To help achieve this, we provided over
15 submissions to government

Our
performance

Environment

The coming years will continue to see rapid change in areas including technology, social and government service delivery. To ensure we are at the forefront of these changes, we will work closely with government and industry to better understand our operating environment, gain best practice and develop suitable processes and policies.

These processes and policies will be developed with both individuals and businesses in mind, with a focus on facilitating the use of data while protecting the personal information rights of individuals and enhancing transparency.

The coming years will also see continuing and increased development in the international space. As personal information continues to cross borders at a substantial rate and privacy becomes an increasingly important matter both politically and in the media, we will look both domestically and internationally to ensure we have the appropriate working relationships to facilitate and enable best practice privacy management and information access for all Australians.

Challenges

The challenges on the left hand side outline the activities that we plan to undertake to meet each of our goals, as set out by our Corporate Plan 2016–17. Following the 2016–17 reporting year, this section will be updated to include our results for each planned challenge.

Challenge 1: Promote, uphold and shape Australian information privacy rights.

Handle privacy complaints

  • Received 17% more privacy complaints than last year
  • 95% of all privacy complaints resolved within 12 months of receipt
  • 22% increase from last year in number of complaints closed
  • Average time taken to close a complaint was 4.7 months

Conduct privacy assessments

  • Average time to complete privacy assessments was 7.1 months
  • 100% of recommendations to entities to ensure compliance with the Privacy Act were accepted or planned for action

Conduct Commissioner initiated investigations and handle voluntary and mandatory data breach notifications

  • 84% of CIIs finalised within 8 months
  • 92% of voluntary data breach notifications closed within 60 days
  • 54% of mandatory digital health data breach notifications closed within 60 days
  • Data breach notification — A guide to handling personal information security breaches viewed on our website 29% more times than last year

Provide a public information service

  • 78% of written enquiries finalised within 10 working days
  • How do I make a privacy complaint? webpage viewed 31% more times than last year
  • Over 2,156 media mentions and 552 social media mentions of our privacy information services

Assist entities to improve their understanding of privacy compliance and promote privacy best practice

  • Developed seven privacy resources for business and government
  • Published guidance to assist Australian businesses in understanding the European Union’s General Data Protection Regulation (GDPR) and Notifiable Data Breaches (NDB) scheme

Promote awareness and understanding of privacy rights in the community

  • 49% increase in Privacy Awareness Week (PAW) partners
  • Over 250 media mentions including 20 broadcast media interviews during PAW
  • 40% increase in media enquiries
  • Membership of the Privacy Professionals’ Network increased from 169 to 1235 members
  • Participated in 22 speaking engagements aimed at privacy professionals
  • Translated five of our resources and information materials into 11 languages

Develop legislative instruments

  • No applications for Public Interest Determinations or APP codes were received in 2016–17

Challenge 2: promote and uphold Australian information access rights.

Provide a timely and effective Information Commissioner review function

  • Received 24% more Information Commissioner (IC) reviews than last year
  • Finalised 515 IC reviews
  • 86% of applications for an IC review finalised within 12 months
  • Increased number of matters finalised by informal resolution without proceeding to decision

Provide promotion and information to the Australian community on information access rights

  • 88% of written enquiries finalised within 10 working days
  • Over 622 media mentions and 77 social media mentions of our FOI information service

Assist government agencies and ministers with FOI advice and maintain guidelines and resources to promote best practices

  • Met with a number of government agencies to discuss IC reviews

Handle FOI complaints and investigations

  • All FOI complaints received were finalised within 12 months of receipt
  • Average time taken to close FOI complaints was 3 months

Challenge 3: develop the personal information management capabilities of Australian businesses and government agencies.

Promote the relationship between strong privacy governance and improved business effectiveness

  • Completed 15 submissions and issued 144 pieces of advice on privacy related topics
  • Released a Privacy Impact Assessment (PIA) eLearning program
  • Initiated development of the Australian Public Service (APS) Privacy Governance Code

Assess education and training capacity and market demand

  • Surveyed agencies to determine what privacy training is currently undertaken by staff, and what further support and resources are required