Privacy

What is Privacy?

Protecting your personal and health information in NSW is guided by two main laws: the Privacy and Personal Information Protection Act 1998 (PPIP Act) and the Health Records and Information Privacy Act 2002 (HRIP Act). These laws set out how NSW government agencies, including local government, state-owned corporations, universities and some private health providers must handle your information. This includes things like your name, date of birth, address, or medical history. The laws give you rights to see the information held about you, ask for changes if it’s wrong, and make a complaint if you think your privacy has been breached.

If you’re worried about how your information has been used, you can ask the agency or provider to review what happened. You can also contact the Information and Privacy Commission NSW (IPC) for help or to make a complaint. The IPC makes sure agencies follow the rules and respect your privacy. These laws are designed to give you more control over your personal and health information, and help make sure it’s handled in a fair and respectful way.

What is the IPC's role and jurisdiction?

The Information and Privacy Commission NSW (IPC) is an independent statutory authority that administers legislation dealing with privacy and access to government held information in NSW. As part of its regulatory work, the IPC undertakes reviews and complaints in relation to information access and privacy. 

The IPC has jurisdiction over NSW government agencies and departments, local councils, NSW universities, NSW state-owned corporations and some private health service providers. 

Find out more

I want to know about...

NSW Privacy Laws

The IPC oversees a number of laws that protect and promote the protection of personal and health information in NSW.

Making a request for personal information

You can make an informal application under both the PPIP Act or HRIP Act, however, most agencies will require authorisation in writing and will ask for proof of identification.

Making a privacy complaint

The IPC provides guidance and resources for individuals seeking to make a complaint to the NSW Privacy Commissioner about their privacy being breached by a NSW public sector agency.

Privacy forms

The Information and Privacy Commission NSW (IPC) has forms to assist you in making a privacy complaint under the PPIP Act.

CCTV on private property

The IPC cannot provide any advice related to individual rights and obligations in relation to surveillance laws. This page provides you with further support on where to receive such advice.

Data breach information and the MNDB Scheme

The Mandatory Notification of Data Breach Scheme (MNDB Scheme) is a mandatory notification requirement under the PPIP Act for NSW public sector agencies in the event of an ‘eligible data breach’.

Data breach support

If you have been affected by a data breach, there are support services available to help. This page provides you with more information on some of the support services you can access.

MNDB Scheme - Information for agencies

The Mandatory Notification of Data Breach (MNDB) Scheme requires agencies to notify the Privacy Commissioner and provide notifications to affected individuals in the event of an 'eligible data breach'.

IPC e-Learning

The IPC's e-Learning portal contains a number of online training modules to provide training across privacy and government information access legislation.

Campaigns & Key Events

Latest news

The IPC releases new Easy English Guides

News Article

The Information and Privacy Commission (IPC) has recently released its new Easy English Guides to provide members of the public with the simple information they need to understand their information access and privacy rights.

ipc_news_stories_20.png