What is the role of The Office of the Australian Information Commissioner?

The Office of the Australian Information Commissioner (OAIC) is headed by the Australian Information Commissioner.

The Australian Information Commissioner is supported by the Deputy Commissioner, Assistant Commissioners for Dispute Resolution and Regulation and Strategy, and the OAIC staff.

The OAIC is based in Sydney and has two branches:

  • Dispute Resolution — responsible for case management and the resolution of privacy and FOI complaints and reviews. The Dispute Resolution branch also carries out Commissioner initiated investigations and is responsible for legal services and the enquiries line.
  • Regulation and Strategy — provides advice and guidance, examines and drafts submissions on proposed legislation, conducts assessments, and provides advice on inquiries and proposals that may have an impact on privacy. The Regulation and Strategy branch is also responsible for communications and corporate functions.
  • The OAIC oversees the Privacy Act 1988 (Privacy Act) which regulates how your personal information is handled by Australian Government agencies and the Norfolk island administration, medium-to-large businesses, the not-for-profit sector, the credit reporting industry and health service providers.

    Personal information is information or an opinion about an identified individual, or an individual who is reasonably identifiable.

    The Privacy Act allows you to:

  • know why your personal information is being collected, how it will be used and who it will be disclosed to
  • have the option of not identifying yourself, or of using a pseudonym in certain circumstances
  • ask for access to your personal information (including your health information or credit report)
  • stop receiving unwanted direct marketing
  • ask for your personal information to be corrected
  • make a complaint about an entity covered by the Privacy Act, if you think they have mishandled your personal information.
  • Most organisations are now required to report data breaches to the OAIC under the Notifiable Data Breaches scheme (NDB).  Under the scheme organisations are also required to notify affected individuals.

    You can find more information about the OAIC by heading to https://www.oaic.gov.au/about-us/who-we-are/

    Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

    Still need help? Contact Us Contact Us