A brief Summary of Federal Privacy Law in Australia

The federal Privacy Act contains eleven Information Privacy Principles (IPPs) which apply to Australian and ACT government agencies. It also has ten National Privacy Principles (NPPs) which apply to parts of the private sector and all health service providers. Part IIIA of the Privacy Act regulates credit providers and credit reporting agencies. The Privacy Commissioner also has some regulatory functions under other legislation, including the Telecommunications Act 1997 (Cth), National Health Act 1953 (Cth), Data Matching Program (Assistance and Tax) Act 1990 (Cth) and the Crimes Act 1914 (Cth).

* Private Sector Business

* Health Service Providers

* Australian and ACT government agencies

(Please note: Some States in Australia have also enacted privacy legislation. For information on these privacy regimes please visit our State Privacy Laws page.)
Private Sector Business

From 21 December 2001 the private sector amendments to the Privacy Act 1988 (Cth) (the “Act”) became operative. The new provisions provide for ten National Privacy Principles (NPPs), found in Schedule 3 of the Act, which apply to the private sector.

The NPPs are in addition to existing legislation and guidelines which affect parts of the private sector. Part IIIA of the Act applies to credit providers and credit reporting agencies. The Credit Reporting Code of Conduct also applies to credit providers and credit reporting agencies. This Code was issued by the Privacy Commissioner (the “Commissioner”) under section 18A of the Act in 1991 and is complementary to Part IIIA of the Act.

The Commissioner has also issued credit reporting determinations which are legislative instruments.
Three other significant areas which are monitored by the Commissioner which affect parts of the private sector are:

* the collection, storage, use and security of personal tax file numbers by organisations that are authorised or approved to record such information under taxation, assistance agency or superannuation law;
* the disclosure of personal information to law enforcement agencies under Part 13, Division 5 of the Telecommunications Act 1997 (Cth); and
* the handling of personal information under the Anti-Money Laundering and Counter-Terrorism Legislation. Under s6E (1A) of the Privacy Act 1988 (Cth) certain activities of some small businesses previously exempted are brought within coverage of the Privacy Act.

The Commissioner has issued Tax File Number Guidelines pursuant to section 17 of the Act.

The private sector is also given the opportunity to create its own privacy codes which can be submitted to the Commissioner for approval. Once approved they become binding for organisations covered by the Privacy Act and who have subscribed to the code. The Code provisions and replace the NPPs.

Those private sector organisations which are not bound by the Act for various jurisdictional reasons can choose to be bound by the Act, by opting-in.

Please visit our Business section for more information on privacy regulation in respect to private sector business.

Back to Top
Health Service Providers

From 21 December 2001 the private sector amendments to the Privacy Act 1988 (Cth) became operative. The provisions provide for ten National Privacy Principles (NPPs), found in Schedule 3 of the Act, which apply to health service providers.

Since the NPPs came into effect, several public interest determinations relating to the health sector have been issued by the Commissioner.

Four other significant areas which are monitored by the Commissioner which affect parts of the health sector are in relation to:

* the storage, use, disclosure and retention of individuals’ claims information under the Pharmaceutical Benefits Scheme and the Medicare program;
* privacy standards in the conduct of human medical research in Australia;
* the collection, use and disclosure of personal medical information in relation to the conduct of research, compilation and analysis of statistics relevant to public health, safety or health service management activities; and
* the collection, storage, use and security of personal tax file numbers by organisations that are authorised or approved to record such information under taxation, assistance agency or superannuation law.

Under section 135AA of the National Health Act 1953 (Cth) the Commissioner has issued the Medicare and Pharmaceutical Benefits Program Privacy Guidelines.

In addition, the Commissioner has approved guidelines issued by the NHMRC under sections 95 and 95A of the Privacy Act 1988.

The Commissioner has also issued Tax File Number Guidelines (PDF, Word) pursuant to section 17 of the Act.

Please visit our Health section for more information on privacy regulation in respect to health service providers.

Back to Top
Australian and ACT government agencies

When the Privacy Act 1988 (Cth) was first enacted it provided for eleven Information Privacy Principles (IPPs) found in section 14 of the Act. This initially applied only to Australian Government agencies, but through the passing of the Australian Capital Territory Government Service (Consequential Provisions) Act 1994 (Cth) it became applicable to ACT agencies as well.

Since the IPPs came into effect, a number of public interest determinations relating to the government sector have been issued by the Commissioner.

Three other significant areas which are monitored by the Commissioner which affect parts of the government sector are in relation to:

* the collection, storage, use and security of personal tax file numbers by organisations that are authorised or approved to record such information under taxation, assistance agency or superannuation law;
* data-matching programs; and
* spent convictions

The Commissioner has issued Tax File Number Guidelines pursuant to section 17 of the Act and advisory Guidelines on the use of data matching in Commonwealth administration and Data Matching Program (Assistance and Tax) Guidelines pursuant to section 12 of the Data-Matching Program (Assistance and Tax) Act 1990 (Cth).

Additionally the Commissioner investigates breaches under Part VIIC of the Crimes Act 1914 (Cth). The Spent Convictions Scheme in Part VIIC provides protection for individuals with old minor convictions in certain circumstances.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s


%d bloggers like this: