Private sector organisations seeking advice on Privacy / GIPA compliance

Private sector companies and businesses are not covered by the Government Information (Public Access) Act 2009 (GIPA Act) however there may be implications if you have contracts with government sector agencies.

Private sector companies and businesses are also not covered by the Privacy and Personal Information Protection Act 1998 (PPIP Act). Although the NSW Privacy Commissioner has broader functions to investigate privacy related matters.

The Health Records and Information Privacy Act 2002 (NSW) (or HRIP Act) applies to both public and private sector health organisations, health service providers (such as your GP, dentist or physiotherapist) and businesses with a turnover of more than $3 million that hold health information (such as an insurance company).

Some private sector companies are covered by the Federal Privacy Act 1988, which is administered by the office of the Australian Privacy Commissioner.

For more information about the Federal privacy laws, you can call 1300 363 992, email or visit

Please note that the Information and Privacy Commission NSW (IPC) does not provide legal advice in any circumstance. If you are seeking legal advice, we suggest you contact LawAccess on 1300 888 529 or your local community Community legal centre or the Law Society Solicitor Referral Service on 1800 422 713.