28 min read

Privacy and data protection

Last updated July 2024

This chapter explains the privacy laws governing personal information, and how to minimise the risk of breaching privacy laws in your workplace.

Privacy laws

Privacy laws govern how personal information can be used in the workplace.

Definition: Personal Information

Personal information is information or an opinion about an individual from which it is possible to reasonably ascertain the individual’s identity.

These laws comprise privacy principles legislated in:

  • state and territory instruments; and
  • the Privacy Act 1988 (Cth) (Australian Privacy Act).

The following table outlines the state and territory instruments:

Jurisdiction Instrument
ACT Information Privacy Act 2014 (ACT)
Human Rights Act 2004 (ACT)
NSW Privacy and Personal Information Protection Act 1998 (NSW)
Health Records and Information Privacy Act 2002 (NSW)
NT Information Act 2002 (NT)
Qld Information Privacy Act 2009 (Qld)
SA SA Government Department of Premier and Cabinet, Department of the Premier and Cabinet Circular PC012 – Information Privacy Principles (IPPs) Instruction
Tas Personal Information and Protection Act 2004 (Tas)
Vic Privacy and Data Protection Act 2014 (Vic)
Health Records Act 2001 (Vic)
Charter of Human Rights and Responsibilities Act 2006 (Vic)
WA Nil, but WA agencies are currently governed by various confidentiality provisions and privacy principles under the Freedom of Information Act 1992 (WA)
Important: These laws apply according to the nature of your activities and the type of personal information you hold.