Information Privacy
Information Privacy Act 2009
The reprints used for the Office of the Information Commissioner’s annotated version of the Freedom of Information Act 1992 (Qld), RTI Act and IP Act (annotated legislation) are sourced from, and used with the permission of, the Office of The Queensland Parliamentary Counsel. The annotated legislation is updated from time to time to incorporate significant amendments. The current reprint of the IP Act is available from the Office of the Queensland Parliamentary Counsel.
An Act to provide safeguards for the handling of personal information in the public sector environment, and to allow access to and amendment of personal information.
Sections of the act with annotations
Annotations highlighted.
- Chapter 1 Preliminary (1-25)
- Part 1 Introductory (1-10)
- 1 Short title
- 2 Commencement
- 3 Object of Act
- 4 Act not intended to prevent other accessing or amendment of personal information
- 5 Relationship with other Acts requiring access to or amendment of personal information
- 6 Scope of personal information under this Act
- 7 Relationship with other Acts prohibiting disclosure of information
- 8 Relationship with other Acts regulating disposal of information
- 9 Relationship with Right to Information Act
- 10 Act binds State
- Part 2 Interpretation (11-25)
- 11 Definitions
- 12 Meaning of personal information
- 13 Meaning of document of an agency for ch 3
- 14 Meaning of document of a Minister for ch 3
- 15 Meaning of document otherwise
- 16 Meaning of document to which the privacy principles do not apply
- 17 Meaning of agency for ch 3
- 18 Meaning of agency otherwise
- 19 Meaning of entity to which the privacy principles do not apply
- 20 Special provision about application of Act other than ch 3 to a Minister
- 21 Meaning of public authority
- 22 Meaning of processing period and transfer period for ch 3
- 23 What it means to disclose personal information and to use personal information
- 24 Meaning of control of a document
- 25 References to IPPs and NPPs
- Part 1 Introductory (1-10)
- Chapter 2 Privacy principles (26-39)
- Chapter 3 Disclosure and amendment by application under this Act (40-133)
- Part 1 Right to access and amendment (40-42)
- Part 2 Access and amendment applications (43-49)
- 43 Making access application
- 44 Making amendment application
- 45 Making access or amendment applications for children
- 46 Access or amendment application may not be made to commissioner
- 47 Application for documents then existing
- 48 Application for metadata
- 49 Application not for backup system documents
- Part 3 Dealing with application (50-57)
- Part 4 Refusal to deal with access or amendment application (58-63)
- 58 Pro-disclosure bias and pro-amendment bias in deciding to deal with applications
- 59 Exempt information
- 60 Effect on agency's or Minister's functions
- 61 Prerequisites before refusal because of effect on functions
- 62 Previous application for same documents - access application
- 63 Previous application for same documents - amendment application
- Part 5 Decision (64-76)
- Division 1 Access applicants (64-69)
- Division 2 Amendment applications (70-76)
- 70 Considered decision on amendment application
- 71 Deemed decision on amendment application
- 72 Grounds on which amendment may be refused
- 73 Notification of decision and reasons - amendment application
- 74 Amendment of document by alteration or notation
- 75 Notation to information
- 76 Particular notations required to be added
- Part 6 Charging regime (77-82)
- Part 7 Giving access (83-92)
- 83 Forms of access
- 84 Time limit for access
- 85 Precautions
- 86 Precautions for children
- 87 Deferral of access
- 88 Deletion of irrelevant information
- 89 Deletion of exempt information
- 90 Deletion of contrary to public interest information
- 91 Giving summary of personal information to applicant or intermediary
- 92 Giving relevant healthcare information to applicant's nominated healthcare professional
- Part 8 Internal review (93-97)
- Part 9 External review (98-126)
- Division 1 Preliminary (98-100)
- Division 2 Application (101-102)
- Division 3 After application made (103-107)
- Division 4 Conduct of external review (108-110)
- Division 5 Powers of information commissioner on external review (111-122)
- 111 Preliminary inquiries
- 112 Better reasons
- 113 Access to documents
- 114 Access in particular form
- 115 Requiring a search
- 116 Requiring information, documents and attendance
- 117 Examining witnesses
- 118 Additional powers
- 119 Restrictions under other laws not applicable
- 120 Information commissioner to ensure proper disclosure and return of documents
- 121 Information commissioner to ensure non-disclosure of particular information
- 122 Exception for successful challenge of s 69(2) notice
- Division 6 Decision on external review (123-124)
- Division 7 Miscellaneous (125-126)
- Part 10 Vexatious applicants (127-128)
- Part 11 References of questions of law and appeals (129-133)
- Chapter 4 Information Commissioner and Privacy Commissioner (134-163)
- Part 1 Functions of information commissioner under this Act (134-138)
- Part 2 Staff of Office of Information Commissioner in relation to this Act (139-140)
- Part 3 Privacy Commissioner (141-152)
- 141 The Privacy Commissioner
- 142 Role and function of privacy commissioner
- 143 Privacy commissioner subject to direction of information commissioner
- 144 Appointment
- 145 Procedure before appointment
- 146 Term of appointment
- 147 Remuneration and conditions
- 148 Leave of absence
- 149 Preservation of rights if public service officer appointed
- 150 Restriction on outside employment
- 151 Resignation
- 152 Acting privacy commissioner
- Part 4 Proceedings (153-156)
- Part 5 Waiving or modifying privacy principles obligations in the public interest (157)
- Part 6 Compliance notices (158-163)
- Chapter 5 Privacy complaints (164-178)
- Chapter 6 Protections and offences (179-188)
- Part 1 Protections (179-183)
- 179 Access - protection against actions for defamation or breach of confidence
- 180 Publication - protection against actions for defamation or breach of confidence
- 181 Access - protection in respect of offences
- 182 Publication - protection in respect of offences
- 183 Protection of agency, information commissioner etc. from personal liability
- Part 2 Offences (184-188)
- Part 1 Protections (179-183)
- Chapter 7 Miscellaneous provisions (189-201)
- Chapter 8 Transitional provisions (202-214)
- Part 1 Transitional provisions of Act No. 14 of 2009 (202-211)
- 202 Delayed application of Act other than ch 3 to local governments
- 203 Outdated references
- 204 Pre-enactment recruitment process
- 205 Refusal to deal with application - previous application for same documents
- 206 Delayed filing of certified agreement with QCAT
- 207 Delayed referral of privacy complaint to QCAT
- 208 Delayed application to QCAT
- 209 Privacy complaints to relate to actions after ch 5 commencement
- 210 Continuing application of relevant information standards
- 211 Acts and practices authorised before relevant date
- Part 2 Transitional provisions for State Penalties Enforcement and Other Legislation Amendment Act 2009 (212-214)
- Part 1 Transitional provisions of Act No. 14 of 2009 (202-211)
- Schedule 1 Documents to which the privacy principles do not apply
- Schedule 2 Entities to which the privacy principles do not apply
- Schedule 3 Information Privacy Principles
- 1 IPP1-Collection of personal information (lawful and fair)
- 2 IPP2-Collection of personal information (requested from individual)
- 3 IPP3-Collection of personal information (relevance etc.)
- 4 IPP4-Storage and security of personal information
- 5 IPP5-Providing information about documents containing personal information
- 6 IPP6-Access to documents containing personal information
- 7 IPP7-Amendment of documents containing personal information
- 8 IPP8-Checking of accuracy etc. of personal information only for relevant purpose
- 9 IPP9-Use of personal information only for relevant purpose
- 10 IPP10-Limits on use of personal information
- 11 IPP11-Limits on disclosure
- Schedule 4 National privacy principles
- 1 NPP1 - Collection of personal information
- 2 NPP2 - Limits on use or disclosure of personal information
- 3 NPP3 - Data quality
- 4 NPP4 - Data security
- 5 NPP5 - Openness
- 6 NPP6 - Access to documents containing personal information
- 7 NPP7 - Amendment of documents containing personal information
- 8 NPP8 - Anonymity
- 9 NPP9 - Sensitive information
- Schedule 5 Dictionary