Support Centre

Australian Capital Territory

Summary

Law: Information Privacy Act 2014 (the IPA). Please note that the IPA applies to public bodies. Private organisations are subject to the federal Privacy Act 1988.

Regulator: The Office of the Australian Information Commissioner (OAIC)

Summary: There is no separate, territorial level private sector data protection law in the Australian Capital Territory (ACT). Furthermore, and unlike the other Australian states and territories, there is no separate regulator for privacy matters related to the public sector in the ACT. Instead, the Office of the Australian Information Commissioner (OAIC), which is a federal (commonwealth) body, exercises some of its functions as the ACT privacy commissioner. Similar to some other state level laws, the IPA applies primarily to public sector bodies but includes certain contracted service providers within its provisions. In addition, the Health Records (Privacy and Access) Act 1997 sets out obligations for the processing of health information. The ACT Health Services Commissioner handles complaints related to about access to and integrity of health records in the ACT.