Australia's Privacy Act 1988 governs how federal agencies and large businesses (turnover > A$3 million) handle personal information. The Australian Privacy Principles (APPs) give you rights to access, correct, and complain about your data.
The Privacy Act 1988 (Cth) is the principal privacy law in Australia. It regulates how 'APP entities' — Australian Government agencies and private sector organisations with annual turnover above A$3 million (and certain other organisations) — collect, use, disclose, and store personal information. The 13 Australian Privacy Principles (APPs) include: APP 1 (open and transparent management of information); APP 3 (collection limited to necessary information); APP 5 (notification of data collection); APP 6 (use or disclosure limited to primary purpose); APP 12 (right to access your information); APP 13 (right to correct your information). For data breaches, the Notifiable Data Breaches (NDB) scheme (Part IIIC) requires APP entities to notify the OAIC and affected individuals when a data breach is likely to result in serious harm. Complaints about privacy violations: file with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au. The OAIC can investigate, conciliate, and refer to the Federal Court for serious matters. Penalties for serious or repeated breaches can reach A$50 million.
A hospital shares a patient's medical records with an insurance company without consent and without lawful basis. The patient lodges a complaint with the OAIC. The OAIC investigates and orders the hospital to apologise, destroy the disclosed data, and revise its privacy policies.
The Advocate covers Australian law and Scripture — 389 real scenarios across 7 countries with exact rebuttals and law references. Free to start.
Explore Australian Rights — Free