• Organisations
  • Credit reporting
  • Direct marketing
  • Employee records exemption
  • ID scanners
  • Opting in to the Privacy Act
  • Privacy for not-for-profits, including charities
  • Privacy management plan template
  • Selling a business
  • Small business
  • Sporting clubs
  • Start-ups
  • Tips for good privacy practice
  • Trading in personal information
  • Guidance for EDR schemes when handling complaints about notifiable data breaches
  • Tracking pixels and privacy obligations
  • Facial recognition technology: a guide to assessing the privacy risks
• Government agencies
  • Agency referee reports
  • Australian Government Agencies Privacy Code
  • Conducting surveys
  • Guidelines on data matching in Australian Government administration
  • Privacy impact assessment register assessment program
  • Privacy Code checklist
• Guidance on privacy and developing and training generative AI models
• Guidance on privacy and the use of commercially available AI products
• Health service providers
  • Communications with patients
  • Data breach action plan for health service providers
  • Guide to health privacy
  • Individual healthcare identifiers
  • My Health Record
  • Privacy action plan for your health practice
  • Taking photos of patients
• Handling personal information
  • Anti-money laundering obligations
  • Centrelink requests for information
  • Dealing with requests for access to personal information
  • Dealing with requests for correction of personal information
  • De-identification and the Privacy Act
  • De-identification Decision-Making Framework
  • Guide to securing personal information
  • Guide to the Privacy (Persons Reported as Missing) Rule 2024
  • Guidelines for state and territory governments: creating nationally consistent requirements to collect personal information for contact tracing purposes
  • National Relay Service
  • Posting photos and videos
  • Protecting customers' personal information
  • Sending personal information overseas
  • The Privacy (Tax File Number) Rule 2015 and the protection of tax file number information
  • Transfer of financial adviser records
  • What is personal information?
• Preventing, preparing for and responding to data breaches
  • Data breach preparation and response
  • Preventing data breaches: advice from the Australian Cyber Security Centre
  • Guidance for entities in preparing for and responding to cyber incidents
• Privacy impact assessments
  • 10 steps to undertaking a privacy impact assessment
  • Assessing privacy risks in changed working environments: privacy impact assessments
  • Guide to undertaking privacy impact assessments
  • Privacy by design
  • Privacy impact assessment tool
• COVID-19
  • Coronavirus (COVID-19): understanding your privacy obligations to your staff
  • Coronavirus (COVID-19) vaccinations: understanding your privacy obligations to your staff
  • COVIDSafe Reports
  • Guidance for businesses collecting personal information for contract tracing
  • National COVID-19 privacy principles
  • Privacy update on the COVIDSafe app
  • Retention and deletion of personal information collected during COVID-19
  • Guidance for businesses collecting COVID-19 vaccination information
• More guidance
  • Australian Bushfires Disaster Emergency Declaration: understanding your privacy obligations
  • Australian entities and the European Union General Data Protection Regulation
  • Emergencies and disasters
  • Guide to data analytics and the Australian Privacy Principles
  • Guide to developing an APP privacy policy
  • How to develop an APP privacy policy (poster)
  • Guidelines for developing codes
  • Guidelines for recognising external dispute resolution schemes
  • Handling privacy complaints
  • Keeping records of disclosures under the Telecommunications Act 1997
  • Mobile privacy: a better practice guide for mobile app developers
  • Privacy management framework: enabling compliance and encouraging good practice
  • Privacy public interest determination guide
  • Self-assessment checklist: privacy obligations under the Data Retention Scheme
  • Telecommunications service providers' obligations arising under the Privacy Act 1988 as a result of Part 5-1A of the Telecommunications (Interception and Access) Act 1979
  • Privacy considerations for financial services entities receiving data from a carrier or carriage service provider