Privacy — Crimes Act 1914 (Cth) — Quashed convictions scheme —Disclosure by an individual to a court — Cease and desist letter sent to respondent before disclosure — Respondent reasonably expected to know about application of quashed conviction scheme to the complainant — Section 85ZU breached — Compensation awarded for non-economic loss — Aggravated damages not awarded.

iii. take such steps (if any) as were reasonable in the circumstances to notify individuals of the collection of personal information (APP 5)

Privacy — Privacy Act 1988 (Cth) — Australian Privacy Principles — APP 11.1 — APP 11.2 — APP 1.2 — Extraterritorial jurisdiction —Unauthorised access to personal information by third party — Whether reasonable steps taken to protect personal information from unauthorised access — Whether reasonable steps taken to delete or de-identify personal information — Whether reasonable steps taken to implement practices, procedures and systems to ensure compliance with the APPs — Breaches substantiated - Requirement to prepare compliant Policies and Programs — Independent review of Policies and Programs

Privacy — Privacy Act 1988 (Cth) — Australian Privacy Principles — APP 10 — APP 13 — Inaccuracies in an Independent Medical Expert report for tribunal proceedings — Whether reasonable steps taken to ensure accuracy — Whether failure to respond to correction request within statutory timeframe — Breach of APP 13.5 — Complaint otherwise dismissed — Acknowledgement of interference with privacy — Inappropriate for any further action to be taken.

iv. take such steps (if any) as were reasonable in the circumstances to ensure that the personal information it used or disclosed was, having regard to the purpose of the use or disclosure, accurate, up?to?date, complete and relevant (APP 10.2).

Privacy — Privacy Act 1988 (Cth) — Australian Privacy Principles — APP 6 — APP 11 — CCTV footage of retail pharmacy — Disclosure to complainant's employer for identification — Purposes of detecting crime — Whether reasonable steps to prevent authorised disclosure — Size and type of entity considered — No breach — Complaint dismissed.

Finding: Breach

Remedies: Compensation of $3,000 to the complainant for non-economic loss and $2,000 for aggravated damages; respondent must perform act of redress by providing access to personal information or explanation as to why it cannot be provided

Privacy — Privacy Act 1988 (Cth) — Australian Privacy Principles — Breach of APP 12 - Treating psychologist - Failure to provide access to personal information - Non-economic damage - Compensation awarded - Aggravated damages awarded

Finding: Breach

Remedies: Compensation of $3,000 to the complainant for non-economic loss

Privacy — Privacy Act 1988 (Cth) — Information Privacy Principles — Breach of IPP 11 - Disclosure for tribunal proceedings - Whether authorised by or under law - Damages awarded for non-economic loss

Finding: Breach

Remedies: Compensation of $10,000 to the first complainant for non-economic loss, $3,400 to the first complainant for economic loss and $3000 to the second complainant for non-economic loss.

Privacy — Privacy Act 1988 (Cth) — Australian Privacy Principles — APP 6 - APP 11 - Disclosure to incorrect email address - Sensitive medical information - Compensation for non-economic loss - Aggravated damages not awarded

Finding: Breach

Remedies: Compensation of $3,000 to the first complainant for non-economic loss and $1,500 to the first complainant for aggravated damages.
Compensation of $2,000 to the third complainant for non - economic loss and $1,500 to the third complainant for aggravated damages.

Privacy — Privacy Act 1988 (Cth) — Australian Privacy Principles — Breach of APP 12 — Breach of APP 11 — Psychologist delayed access to personal information — Damages for non-economic loss awarded — Aggravated damages awarded