Office of the Australian Information Commissioner - Home

Australian Government - Office of the Australian Information Commissioner
Australian Government - Office of the Australian Information Commissioner

Main menu

Privacy law

The Privacy Act 1988 (Privacy Act) is an Australian law which regulates the handling of personal information about individuals.

Personal information is information or an opinion about an identified individual, or an individual who is reasonably identifiable.

The Privacy Act includes thirteen Australian Privacy Principles (APPs). The APPs set out standards, rights and obligations for the handling, holding, use, accessing and correction of personal information (including sensitive information). 

In this section

Rights and responsibilities
This page outlines jurisdiction and coverage of the Privacy Act.

The Privacy Act
The section holds information about specific areas of law that are included in the coverage of the Privacy Act, including the Australian Privacy Principles, credit reporting provisions, the handling of tax file numbers, the handling of personal information for medical research, and the creation of privacy regulations.

Other legislation
This section holds information about other Commonwealth privacy-related legislation, such as telecommunications, criminal records, data matching, and anti-money laundering legislation, the Medicare and pharmaceutical benefits scheme, the eHealth system, and the Personal Personal Property Securities Register.

This section also hold information about privacy legislation in the Australian Capital Territory.

Privacy registers
The Office of the Australian Information Commissioner (OAIC) maintains a number of privacy registers, including a codes register and an opt-in register.

Determinations
The Australian Information Commissioner has the power to make determinations on privacy complaints made to the OAIC.

CII reports
The Australian Information Commissioner has the power to undertake investigations when they consider there may have been a privacy breach. This is called a Commissioner initiated investigation.

Assessments
The Australian Information Commissioner has the power to undertake an assessment of public or private sector organisations that are covered by the Privacy Act.

Other privacy jurisdictions
This section holds information about other privacy jurisdictions.