Information Privacy Principles (IPPs)

Privacy Act 1988 regulates 'information privacy'

Information Privacy Principles

The IPPs regulate how Australian and ACT government agencies manage personal information.
They cover how and when personal information can be collected, how it should br used and disclosed, and storage and security. They also allow individuals to acess that information and have it corrected if it is wrong.

IPP 1: manner and purpose of collection
The information must be necessary for the agency's work, and collected fairly and lawfully.

IPP 2: collecting information directly from invididuals
An agency must tell individuals why they are collecting personal information, what laws give them authority to collect it, and to whom they usually disclose it.

IPP 3: collecting information generally
An agency must ensure the personal information it collects is relevant, up-to-date and complete and not collected in an unreasonably intrusive way.

IPP 4: storage and security
Personal information must be stored securely to prevent its loss or misuse.

IPP 5-7: access and amendment
These principles require agencies to take steps to record the type of personal information that they hold and give individuals access to personal info about them. Personal info can be amended or corrected if it is wrong.

IPP 8-10: information use
These principles outline the rules about keeping accurate, complete and up-to-date personal information; using info for a relevant purpose; and only using the info for another purpose in special circumstances, such as with the individual's consent or for some health and safety or law enforcement reasons.

IPP 11: disclosure
This principle sets out when an agency may disclose personal info to someone else, for ex. another agency. This can only be done in special circumstances, such as with the individual's consent or for some health and safety or law enforcement reasons.