We use cookies to analyse traffic and to improve your browsing experience on our website. To find out more, read our privacy policy.

News Join our team Contact us
Privacy

Privacy guidance for organisations and government agencies

  • On this page

Published:  

Having good privacy practices in your business or organisation brings many benefits, including building consumer trust and confidence that you are handling personal information safely and securely.

The OAIC’s Privacy Foundations tool has been designed for businesses who want to embed a culture of privacy, and who want to establish or improve privacy practices, procedures and systems.

The tool will help you to assess your business against some foundational privacy questions. The questions cover areas of core privacy practice and provide examples that may be relevant to your circumstances. Completing the tool should take 15-20 minutes, and will give you a privacy maturity score and tailored recommendations.

The tool does not assess compliance under the Privacy Act 1988 (Cth) (Privacy Act) or other legal obligations. You may wish to use the OAIC’s more in-depth Privacy Management Plan tool, or obtain independent expert advice, if you are seeking to assess your privacy maturity against the Australian Privacy Principles (APPs).

Download the Privacy Foundations self-assessment tool

Last updated: 16 June 2025

About this tool

Having good privacy practices in your business or organisation brings many benefits, including building consumer trust and confidence that you are handling personal information safely and securely.

This Privacy Foundations tool has been designed for businesses who want to embed a culture of privacy, and who want to establish or improve privacy practices, procedures and systems.

The tool will help you to assess your business’s current privacy practices by providing examples that may apply to your own circumstances. Following your self-assessment, the tool will make recommendations to implement in your day-to-day operations to achieve a more robust privacy culture. The results could also be used to create a Privacy Management Plan for your business.

The tool is intended to provide only a basic overview of privacy fundamentals and is not intended to offer a complete privacy assessment. It may assist businesses that do not have in-house privacy expertise to understand what they could focus on to improve their privacy maturity.

The tool does not assess compliance under the Privacy Act 1988 (Cth) (Privacy Act). Public sector agencies and businesses that are covered by the Privacy Act may wish to use the OAIC’s more in- depth Privacy Management Plan tool, as well as independent expert advice, to assess their privacy maturity against the Australian Privacy Principles (APPs).

Separate to any Privacy Act or State/Territory privacy obligations, the OAIC recommends that all organisations implement strong privacy management practices, as a core part of good business practice.

What to expect

  • Assess your business against some foundational privacy questions covering areas of core privacy good practice.
  • See practical examples of what good privacy practice looks like.
  • Complete the assessment in 15-20 minutes with guidance at every step.
  • Receive a privacy maturity score and tailored recommendations for your business.

Use the OAIC’s more in-depth Privacy Management Plan tool and/or independent professional advice, to assess your privacy maturity against the Australian Privacy Principles (APPs) — if required.

How to use this tool

This tool contains two parts. Step 1 — Questionnaire and Step 2 — Action planning.

In Step 1, answer the questions, then use the answers you gave in Step 1 to help you calculate your privacy score in Step 2. You can also use your results in Step 2 to create a Privacy Management Plan.

Disclaimer

The tool provides a score of privacy maturity based on your self-assessment but is not a complete analysis of your business’s privacy framework. Implementing appropriate privacy practices remains your responsibility. The OAIC does not guarantee that use of this tool will ensure compliance with any legal obligation, and businesses should regularly review and update their privacy practices, and seek professional advice where appropriate.

The information that you enter in this tool remains under your control and is not shared with the OAIC.

OAIC logo
Contact us 1300 363 992

Monday to Thursday 10 am to 4 pm (AEST/AEDT)

Acknowledgement of Country

The OAIC acknowledges Traditional Custodians of Country across Australia and their continuing connection to land, waters and communities. We pay our respect to First Nations people, cultures and Elders past and present.

© Commonwealth of Australia