What privacy laws apply in each state and territory
What privacy laws apply to private sector health service providers
Who to complain to about a state agency or local council
Who to complain to about a public hospital
The Office of the Australian Information Commissioner (OAIC) mainly deals with issues that are covered by the Privacy Act 1988 (Privacy Act). The Privacy Act is a federal law which does not cover local, state or territory government agencies, except the Norfolk Island administration.
Most Australian states and territories have equivalent legislation which covers their public sector agencies. Some state authorities and instrumentalities are bound by the Privacy Act.
If your inquiry or complaint is about a New South Wales (NSW), Queensland, Northern Territory, Tasmanian or Victorian public sector agency, including a local council, please contact the relevant commissioner using the links below.
Private sector health service providers
The Privacy Act applies to all private sector health service providers anywhere in Australia. It doesn’t apply to state and territory public sector health service providers, such as public hospitals.
In NSW, Victoria and the Australian Capital Territory (ACT) private sector health service providers must comply with both Australian and state or territory privacy laws when handling health information.
Queensland, the Northern Territory and Tasmania have privacy legislation that applies only to their public sector, including public sector health service providers.
Western Australia and South Australia do not have specific privacy legislation.
Australian Capital Territory
The OAIC exercises some of the functions of the Australian Capital Territory Information Privacy Commissioner. For more information see Privacy in the ACT.
Queensland’s Health Ombudsman can also receive and investigate complaints about health services and health service providers.
South Australia
The South Australian privacy committee handles privacy complaints related to state government agencies’ compliance with a set of Information Privacy Principles