Published on Office of the Information Commissioner Queensland (https://www.oic.qld.gov.au)

Home Guidelines  >  For government  >  Guidelines - Privacy principles  >  Application of the IP Act  >  When do the privacy principles apply

When do the privacy principles apply

Scope of personal information

The Information Privacy Act 2009 (Qld) (IP Act) applies to personal information, regardless of whether the personal information existed, or was collected or generated, prior to the commencement of the IP Act.1

When collecting or handling any personal information, an agency2 must comply with the relevant privacy principles and sections of the IP Act, unless one of the exceptions applies.

It does not matter:

  • when the agency acquired the information
  • from whom it was acquired; or
  • whether it was generated by the agency or another body on its behalf. 

See the discussion on personal information in the guideline Key privacy concepts – personal information for more detail.

Personal information and the deceased

The definition of personal information limits it to information about an individual.3

The definition of 'individual' in the Acts Interpretation Act 1954 (Qld) is 'a natural person4'. A natural person can only be a living person.

This means that deceased people cannot have personal information, however care should still be taken when handling the information of the deceased, as it may also be the personal information of the living, for example, a family member. 

Queensland government agencies (except health agencies)

Chapter 2, part 1 requires all agencies except for health agencies to comply with:

  • the Information Privacy Principles (IPPs)
  • with part 3, transfer of personal information outside Australia; and
  • part 4, compliance with parts 1 or 2 and 3 by contracted service providers.

Health agencies

Health agencies are required to comply with the National Privacy Principles (NPPs), rather than the IPPs, along with the rules about contracted service providers and transfer of personal information out of Australia.

The Information Commissioner

Chapter 2 of the IP Act applies to the Office of the Information Commissioner, requiring the OIC to comply with the IPPs, and with Chapter 2, Parts 3 and 4 of the IP Act. 

Interaction of the IP Act with other legislation

The IP Act will defer to any other Act which provides for the collection, storage, handling, management, use, disclosure and transfer of personal information. 

In addition, requirements to use or disclose personal information under another Act override the relevant privacy principles by the action of IPP 10(1)(c), 11(1)(d), and NPP 2(1)(f).

The Public Records Act 2002 (Qld)

The IP Act does not affect the provisions of the Public Records Act 2002 (Qld) which:

  • relate to the Queensland State Archives (QSA) providing access to documents
  • provide for a person to obtain access to a document in the custody of QSA which could also be accessed under the IP Act.5
  • 1 Section 6 of the IP Act.
  • 2 In this Guideline references to an ‘agency’ include Ministers and bound contracted service providers, unless otherwise specified.
  • 3 Section 12 of the IP Act.
  • 4 Section 36 of the Acts Interpretation Act 1954 (Qld).
  • 5 Section 189 of the IP Act.

Current as at: July 19, 2013