Queensland Information Privacy Act (IPA)

The privacy principles only apply to Queensland's government agencies;

The National Privacy Principles (NPP) applies only to health agencies;

The Information Privacy Principles (IPP) apply to all agencies other than health agencies;

The concerned individual can make an application to the agency or the minister to access or amend his/her personal information by providing an approved form, sufficient information regarding the document, the address to which the notice should be sent, information that he/she considers incomplete/inaccurate, and after ten days of submitting the application, evidence of identity;

An individual can contact the information commissioner to file a privacy complaint if he/she first filed the complaint to the organization and the organization did not respond within 45 days or if the individual is unsatisfied with their response;

Transfer of personal information to any entity outside Australia may only be when:

• the individual consents,
• required by law or necessity for public safety or welfare,
• performance of functions by the entity,
• the entity is confident that the other entity will handle the personal information fairly or will abide by the IPPs and NPPs, and
• the transfer is beneficial for the individual, but it is impractical to obtain his consent, but if the individual knows, he/she is likely to give consent;

If the complaint is accepted, a mediation process will be initiated between the user and the offending organization;

If the mediation process does not resolve the issue, the OIC will forward the case to the Queensland Civil and Administrative Tribunal (QCAT);

Any unlawful access, false or misleading information, disclosure to take advantage, failure to produce documents or attend proceedings, and giving misleading directions (orally or written) will be subject to 100 penalty units (as per Crimes Act 1914, one penalty unit equals 275 AUD).