skip to content

Refine results


Search by

Search by Algolia
Law Handbook banner image

Access to Non-government Information

Significant changes were made to the Privacy Act 1988 (Cth) which came into effect on 12 March 2014. For detailed information on Commonwealth Government Agencies and Non-Government privacy obligations see the website of the Office of the Australian Information Commissioner.

There is no general right of access to information held by individuals or private organisations. In certain situations, the collection, storage and release of privately held information is subject to legislation.

Privacy Act 1988 (Cth)

On 21 December 2001 legislation came into force applying the Privacy Act to certain parts of the private sector. Formerlly National Privacy Principles applied to these parts of the private sector while Information Privacy Principles aplied to Commonwealth government agencies.

Since 12 March 2014 a new unified series of Australian Privacy Principles (APPs) sets legally binding standards within which certain private organisations, as well as Commonweath Government agencies, must operate.

Who is covered?

The private sector provisions of the Privacy Act 1988 (Cth) apply to organisations (including not-for-profits) with an annual turnover of more than $3 million. The provisions also apply to all health service providers regardless of turnover, government contractors, and some small businesses with an annual turnover of $3 million or less.

In addition, even if an organisation is covered by the Act, certain acts and practices of the organisation will be exempt. These are:

  • non business acts and practices;
  • acts and practices by an employer organisation which relate to a current or former employment relationship or employee records;
  • if the organisation is a contracted service provider for a Commonwealth contract (whether or not the organisation is a party to the contract) and the organisation would be a small business operator if it were not a contracted service provider, then any act done or practice engaged in otherwise for the purpose of meeting an obligation under a Commonwealth contract is exempt;
  • acts and practices of media organisations in the course of journalism; and
  • acts and practices of registered parties, political representatives (Commonwealth, State and local) and their contractors and volunteers.

Australian Privacy Principles

The Australian Privacy Principles set out how Commonwealth public sector agencies and private sector organisations should collect, use, keep secure and disclose personal information. The principles give individuals a right to know what information an organisation holds about them and a right to correct that information if it is wrong.

The APPs relate to collection, use, disclosure, quality, security, openness, access to and correction of personal information, including sensitive information and health information. There are also principles on the use of government identifiers, the right to remain anonymous, the flow of data across borders.

Government Contractors

The Privacy Act 1988 (Cth) treats private sector government contractors, known as contracted service providers (CSPs) differently. The Act requires agencies to take contractual measures to ensure that CSPs, including subcontractors, do not breach the APPs. The CSP's privacy obligations are derived from the contract. Therefore agencies need to ensure that contractual clauses are consistent with the privacy obligations that apply.

The Act applies to CSPs regardless of when the contract was entered into. Therefore there is an obligation on agencies to include privacy clauses in contracts prior to the commencement of the Act . The provisions also apply to acts and practices of CSPs after completion or termination of the contract. A small business operator that is also a CSP will be subject to the legislation in respect of the performance of that contract. That is, it cannot benefit from the small business exemption for contractual matters.

To ensure that people are able to find out what privacy standards apply, agencies and CSPs are required to release on request details of privacy clauses in their contracts.

Complaints

All complaints in relation to the acts or practices of Contracted Service Providers (CSPs) are to be handled by the Office of the Australian Information Commissioner. The CSPs are liable for their own acts and practices. The outsourcing agency is to be given notice of any determination against a CSP.

In circumstances where an individual is unable to obtain a remedy from a CSP, the Office of the Australian Information Commissioner can substitute the agency for the CSP. This ensures that the agency remains ultimately responsible for the acts and practices of its CSPs.

Consumer Credit Information

For further detail on how the Privacy Act 1988 (Cth) protects consumer credit information, including when the information is given to a credit reporting agency, see Credit Ratings.

Personal Information

Personal information is held by many private agencies including banks, insurers, medical and legal professionals.

Medical files

See: Obtaining Medical Records

Lawyers' files

It is accepted law in Australia that clients have a right to their personal files once they have paid their legal fees. All legal documents such as contracts, summonses and pleadings must be released to the client. However, a lawyer does not have to disclose speculations, memos or any documents of a commentary nature to a client.

Employers' files

Employees should be told whether personal files are kept on them and whether they may have access to those files. Many organisations have a policy to allow access to employee information. Employees wanting access should firstly make use of such policies where they exist.

Commonwealth or State government employees can apply under the relevant FOI Act for access to personal information.

Employers have a responsibility to maintain pay and time records of employees and make these available under the Fair Work Act 2009 (Cth). See the Fair Work Ombudsman's information on Record-Keeping and Pay Slips for more information.

    Access to Non-government Information  :  Last Revised: Thu Jan 5th 2017
    The content of the Law Handbook is made available as a public service for information purposes only and should not be relied upon as a substitute for legal advice. See Disclaimer for details. For free and confidential legal advice in South Australia call 1300 366 424.