As of 2 July 2024, our online forms will be changing. The current forms will no longer be available, and we kindly request any saved forms to be submitted by the same date. The replacement forms will be available by 3 July 2024
24 June 2024
Handling of personal information: emergency access in the My Health Record system A privacy assessment of 300 General Practice (GP) clinics and retail pharmacies.Download the My Health Record Emergency Access - Summary Assessment ReportPart 1: Executive summaryThe Office of the Australian Information Commissioner (OAIC) conducted a privacy assessment of the ...
28 November 2023
Privacy assessments forward plan for 2023-24 and 2024-25 Published: 28 Nov 2023This page outlines our planned assessments for the 2023-24 and 2024-25 financial years, as well as those underway.The OAIC uses privacy assessments (or audits) as a regulatory tool to facilitate legal and best practice compliance. Our assessments identify, and ...
6 September 2023
OAIC’s summary of 7 ACT Directorates’ data breach response plans Publication date: 6 September 2023Introduction1.1 In December 2022, the Office of the Australian Information Commissioner (OAIC) commenced a privacy assessment of 7 Australian Capital Territory (ACT) public sector agencies (ACT Directorates) which examined whether they each had a data breach ...
26 May 2023
Data matching conducted by the Department of Health and Aged Care: Practice Incentives Program eHealth Incentives Compliance Program Part 1: Executive summary1.1 This report outlines the findings of the Office of the Australian Information Commissioner’s (OAIC) privacy assessment of the data matching[1]activities undertaken by the Department of Health and Aging ...
6 April 2023
Cross-border disclosures of personal information: Passenger Name Records Part 1: Executive summary1.1 This report outlines the findings of the Office of the Australian Information Commissioner’s (OAIC) 2022 assessment of the Department of Home Affairs’ (Home Affairs) processes governing cross-border disclosures of European Union-sourced Passenger Name Record data (EU PNR data) ...
16 February 2023
Handling personal information: Services Australia’s role as the Identity Exchange Publication date: 16 February 2023Part 1: Executive summary1.1 This report outlines the findings of the Office of the Australian Information Commissioner’s (OAIC) privacy assessment of Services Australia’s management of personal information under the Privacy Act 1988 (Cth) conducted in February ...
30 November 2022
COVIDSafe Assessment 5: obligations after the end of the COVIDSafe data period Publication date: 30 November 2022Part 1: Executive summary1.1 This report outlines the findings of the Office of the Australian Information Commissioner’s (OAIC) privacy assessment of the handling of COVID app data after the end of the COVIDSafe data ...
Summary of COVIDSafe Assessment 2: state and territory health authority access controls 30 November 2022This report outlines the findings in the Office of the Australian Information Commissioner’s (OAIC) privacy assessment of the state and territory health authority (STHA[1]) access controls applied to the National COVIDSafe Data Store (NCDS). This assessment ...
12 October 2022
My Health Records security and access policy assessment 2: security and access governance Publication date: 12 October 2022Executive summaryThis report summarises the findings of the Office of the Australian Information Commissioner’s (OAIC) assessment[1] of 20 General Practice (GP) clinics (the ‘assessment GP clinics’) to identify privacy risks relevant to Rule ...
My Health Records security and access policy assessment 1: general practice clinic survey Publication date: 12 October 2022Part 1: Key pointsThe Office of the Australian Information Commissioner (OAIC) conducted a privacy assessment to assess compliance with Rule 42 of the My Health Records Rule 2016. This rule requires healthcare provider ...
Showing 1 to 10 of 55 results