The Guides to Social Policy Law is a collection of publications designed to assist decision makers administering social policy law. The information contained in this publication is intended only as a guide to relevant legislation/policy. The information is accurate as at the date listed at the bottom of the page, but may be subject to change. To discuss individual circumstances please contact Services Australia.

1.4.2 Privacy & confidentiality

Introduction

This section explains the difference between confidentiality and privacy.

Confidentiality under PPLAct

Protected information (1.1.P.270) is defined in the PPLAct to include information about a person that is or was held in the records of Services Australia or DSS.

The PPLAct sets out the circumstances in which protected information can be obtained, recorded, disclosed and otherwise used. Services Australia, DSS and ATO staff can only deal with protected information as authorised under the PPLAct.

In limited circumstances, protected information may also be disclosed if it is in the public interest.

It is a criminal offence to access or use protected information without authorisation. A breach of the protected information framework in the PPLAct carries a maximum penalty of 2 years imprisonment.

As the Commissioner of Taxation (1.1.C.125) is responsible for the administration of parts of the PPLAct related to the PPLSC (PPLAct Chapter 3A), people who acquire information under that Chapter are also subject to the confidentiality of taxpayer information provisions in the Taxation Administration Act 1953, including those relating to the disclosure of protected information within the meaning of that Act.

Explanation: Confidentiality provisions govern the actions of Services Australia, DSS and ATO staff.

Act reference: PPLAct Part 4-1 Division 3—Confidentiality

Taxation Administration Act 1953 Division 355—Confidentiality of taxpayer information

Policy reference: PPL Guide 6.1.2 Confidentiality

Privacy law

The Privacy Act 1988 governs the manner in which 'personal information' is handled by Commonwealth agencies and businesses. It also provides safeguards for the collection and use of TFNs.

'Personal information' is defined in the Privacy Act to mean information or an opinion, whether true or not, and whether recorded in a material form or not, about an identified individual, or an individual who is reasonably identifiable.

Services Australia, DSS and the ATO are required to comply with the 13 Australian Privacy Principles (APPs) contained in the Privacy Act. The APPs are grouped as follows:

  • consideration of personal information privacy (APPs 1 and 2)
  • collection of personal information (APPs 3, 4 and 5)
  • dealing with personal information (APPs 4, 6, 7, 8 and 9)
  • integrity of personal information (APPs 10 and 11), and
  • access to, and correction of, personal information (APPs 12 and 13).

Services Australia, DSS and ATO staff must comply with the APPs when dealing with personal information. Unauthorised collection, access, use or disclosure of personal information is a breach of the Privacy Act.

Explanation: Privacy provisions govern the practices of Government agencies and businesses.

Privacy (Tax File Number) Rule 2015

The Privacy (Tax File Number) Rule 2015 (TFN Rule), made under section 17 of the Privacy Act, regulates the collection, storage, use, disclosure, security and disposal of individuals' TFN information.

A breach of the TFN Rule is an interference with privacy under the Privacy Act. Individuals who consider their TFN information has been mishandled may make a complaint to the Information Commissioner. Where a breach is very serious, the Information Commissioner may seek to impose a civil penalty.

As well as constituting a breach of the TFN Rule, unauthorised use or disclosure of TFNs may constitute an offence under the Taxation Administration Act, with a maximum penalty of an $18,000 fine (100 penalty units) or 2 years' imprisonment, or both.

Services Australia, DSS and the ATO are authorised recipients of TFN information for the purposes set out in the PPLAct.

More detailed information about privacy and the TFN Rule is available at the OAIC's website, and TFN queries or enquiries can be directed to the DSS Feedback and Complaints team using the following contact details:

  • Email: [email protected]
  • Telephone: 1800 634 035
  • Post: DSS Feedback, GPO Box 9820, Canberra ACT 2601

Act reference: Privacy Act 1988

Privacy (Tax File Number) Rule 2015

Last reviewed: