Noncompliant applications and Privacy Impact Assessments

Noncompliant applications

An applicant who makes an application under the Right to Information Act 2009 (Qld) (RTI Act) or Information Privacy Act 2009 (Qld) (IP Act) must describe the documents in a way that enables the agency to understand what is being sought.

This obligation, however, is not a one way street. Applicants are not expected to, and in most cases will not, know or understand how agency documents are named, stored or created. They do not need to provide a list of perfectly identified agency documents for their application to be valid.

Assessing an application must not be approached as if it was an exercise in statutory interpretation. Decision makers need to remember there is a significant imbalance between what they know about the agency's documents, processes, and systems and what the applicant knows. They must ensure they use that knowledge when assessing an application and, if they are not sure what an applicant is seeking, use that knowledge to assist the applicant to make their application clear.

The Assessing the terms of an access application guideline has been updated to better reflect this position.

Privacy Impact Assessment templates

The Privacy Impact Assessment (PIA) report templates have been updated to provide for agencies and health agencies to also assess compliance with the Human Rights Act 2019 (Qld).

The PIA report template for non-health agencies has been updated to provide for agencies to also assess compliance with any confidentiality or secrecy provisions that might apply to the project.

Both templates are linked at the end of the Undertaking a Privacy Impact Assessment guideline.