Privacy assessments

26 May 2021

PIA register assessment program Publication date: 26 May 2021The OAIC is undertaking a government-wide assessment to monitor compliance with part of the Privacy (Australian Government Agencies – Governance) Code 2017.Privacy impact assessmentsA privacy impact assessment (PIA) is a systematic assessment of a project that identifies privacy impacts and sets out ...

1 March 2018

Handling personal information – Trulioo Publication date: 1 March 2018Assessment undertaken: June 2017Draft report issued: October 2017Final report issued: March 2018Part 1: Executive summary1.1 This report outlines the findings of the Office of the Australian Information Commissioner’s (OAIC) privacy assessment of Trulioo’s handling of personal information as a gateway service ...

1 February 2018

Handling personal information – VIX Verify Publication date: 1 February 2018Assessment undertaken: May 2017Draft report issued: October 2017Final report issued: February 2018Part 1: Executive summary1.1 This report outlines the findings of the Office of the Australian Information Commissioner’s (OAIC) privacy assessment of VIX Verify’s handling of personal information as a ...

8 July 2021

Department of Veterans' Affairs final report – handling of personal information Publication date: 8 July 2021Part 1: Executive summary1.1 This report outlines the findings of the Office of the Australian Information Commissioner’s (OAIC’s) privacy assessment of the Department of Veterans’ Affairs (DVA) management of personal information under the Privacy Act ...

30 April 2021

A follow-up privacy assessment of Access Canberra Publication date: 30 April 2021Part 1: Executive summary1.1 This report outlines the findings of the Office of the Australian Information Commissioner’s (OAIC) second privacy assessment of Access Canberra’s management of personal information through the administration of the Working with Vulnerable People (WWVP), Road ...

8 July 2021

Managing personal information: Passenger Name Records Publication date: 8 July 2021Part 1: Executive summary1.1 This report outlines the findings of the Office of the Australian Information Commissioner’s (OAIC) privacy assessment of Department of Home Affairs’ (Home Affairs) handling of personal information under the Privacy Act 1988 (Cth), conducted in November ...

2 October 2019

Management of personal information: Qantas Frequent Flyer Publication date: 2 October 2019Assessment undertaken: May–June 2017 Draft report issued: 9/10/2018 Final report issued: 30/6/2019Part 1: Executive Summary1.1 This report outlines the findings of an assessment of the Qantas Frequent Flyer (QFF) program undertaken by the Office of the Australian Information Commissioner ...

12 August 2021

My Health Record access security policy assessment program Publication date: 12 August 2021The OAIC is undertaking an assessment program examining My Health Record access security policies.The program is assessing general practice (GP) clinics’ compliance with Rule 42(1) of the My Health Records Rule 2016. This requires healthcare provider organisations, including ...

2 October 2019

Management of personal information: Velocity Frequent Flyer Publication date: 2 October 2019Assessment undertaken: July 2017 Draft report issued: 8/10/2018 Final report issued: 30/6/2019Part 1: Executive summary1.1 This report outlines the findings of an assessment of the Velocity Frequent Flyer (Velocity) loyalty program undertaken by the Office of the Australian Information ...

30 June 2020

Securing personal information: Australian Digital Health Agency Publication date: 30 June 2020Part 1: Executive Summary1.1 This report outlines the findings of the Office of the Australian Information Commissioner’s (OAIC’s) privacy assessment of the My Health Record[3] (MHR) system, as operated by the Australian Digital Health Agency (ADHA, as the System ...