Some people may find content on this website distressing. Read more
Tasmania - Legislation

Privacy Act (1988 - )

Commonwealth of Australia


The Privacy Act 1988 (Commonwealth of Australia) regulates the handling of personal information about individuals. This includes the collection, use, storage and disclosure of personal information. In terms of access to records about an individual's time in institutional 'care', the Act may be relevant to records held by a non-government organisation, where the organisation's records are not covered by the state or territory's information privacy laws. Amendments to the Act came into effect in Australia on 12 March 2014.


The Act has 11 Information Privacy Principles that apply to the handling of personal information by most Australian, ACT and Norfolk Island public sector agencies, and 10 National Privacy Principles that apply to the handling of personal information by large businesses, all health service providers and some small businesses and non-government organisations.

The following National Privacy Principles (or NPPs) are particularly relevant to records relating to a person's time in care:

NPP 5: openness
An organisation must have a policy on how it manages personal information, and make it available to anyone who asks for it.
NPP 6: access and correction
Gives individuals a general right of access to their personal information, and the right to have that information corrected if it is inaccurate, incomplete or out-of-date.

NPP 10: sensitive information
Sensitive information includes information relating to health, racial or ethnic background, or criminal records. Higher standards apply to the handling of sensitive information.

The Privacy Act complements the Tasmanian Personal Information Protection Act,


Online Resources

Sources used to compile this entry: Privacy laws have changed, 2014,

Prepared by: Cate O'Neill