The IPC was established on 1 January 2011 under the Privacy and Government Information Legislation Amendment Act 2010 by merging the Office of the Information Commissioner and Privacy NSW. The Bill established the Information Commissioner as head of the Commission.
We are a separate agency that administers NSW legislation dealing with privacy and access to government information. We support the Information Commissioner and the Privacy Commissioner in fulfilling their statutory responsibilities and functions to ensure that individuals and agencies can access consistent information, guidance and training on information access and privacy matters.
We were established to provide a single place for agencies and the community to seek information and assistance with information access and privacy rights in NSW. We promote and protect privacy and information access rights in NSW by:
- providing information, advice, assistance and training for agencies and individuals on privacy and access matters;
- reviewing the performance and decisions of agencies under the GIPA Act;
- investigating and conciliating complaints relating to regulated entities; and
- providing feedback and advice to Government about the legislation and relevant developments in the law and technology.
We take a contemporary, proactive regulatory approach. Our regulatory and business efforts are aimed at ensuring that the IPC and regulated entities operate in ways that advance information access and privacy protection for the citizens of NSW. Further information about our regulatory approach is contained in our Regulatory Framework and associated plans and policies, which are available on our website.
The functions of the IPC are overseen by the Parliamentary Joint Committee on the Office of the Ombudsman, the Police Integrity Commission and the Crime Commission.
The Information Commissioner administers the following legislation:
- Government Information (Public Access) Act 2009 (NSW) (GIPA Act)
- Government Information (Public Access) Regulations 2009 (NSW) (GIPA Regulations), and
- Government Information (Information Commissioner) Act 2009 (NSW) (GIIC Act).
The Information Commissioner has the power to review decisions made by other NSW government agencies and deal with complaints about information access, undertake investigations, monitor agency functions and report to the Attorney General about proposals for legislative or administrative change. Additionally, the Information Commissioner provides feedback about the legislation and relevant developments in the law and technological change as it impacts on information access.
The Information Commissioner is also:
- an investigating authority under the Public Interest Disclosures Act 1994, and
- the NSW Open Data Advocate.
In the role of Open Data Advocate, the Information Commissioner encourages the proactive public release of government information by agencies in ways that are respectful of data sharing safeguards, and provides information, advice and assistance to agencies and the NSW Public on access to government information. The role also provides advice to the Data Analytics Centre (DAC) and across NSW Government on the proactive release of non-personal data. The role of Open Data Advocate aligns with the functions of the Information Commissioner under the GIPA Act, in particular with authorising and encouraging the proactive public release of government information by agencies. The work of the Open Data Advocate is underpinned by the Open Data Policy and Action Plan. Further information is available from http://data.nsw.gov.au.
The Privacy Commissioner administers the following legislation:
- Privacy and Personal Information Protection Act 1998 (NSW) (PPIP Act)
- Privacy and Personal information Protection Regulation 2014 (NSW) (PPIP Regulation)
- Health Records and Information Privacy Act 2002 (NSW) (HRIP Act)
- Health Records and Information Privacy Regulation 2012 (NSW) (HRIP Regulations)
The Privacy Commissioner’s role includes promoting privacy as well as preparing reports recommending legislative, administrative or other action in the interests of privacy as well as conducting inquiries and investigations into privacy related matters.
The Privacy Commissioner also oversees the conduct of internal reviews by regulated entities, and deals with complaints about privacy related matters.
Corporate functions and services
We have corporate functions and obligations that we are required to fulfil including the effective and efficient management of:
- annual reporting
- information technology
- legislative compliance
- corporate governance.
These functions are conferred on the IPC under a number of Acts. Some of the key Acts include:
- Government Sector Employment Act 2013 – employment of staff
- Government Information (Public Access) Act 2009 – publication of certain government information and granting access to other information
- Privacy and Personal Information Protection Act 1998 – standards and requirements for collection and use of personal information
- Work Health and Safety Act 2011 – requirements for healthy and safe work practices
- Workplace Injury Management and Workers Compensation Act 1998 – management of injury and return to work
- Annual Reports (Departments) Act 1985 – requirements for annual reporting
- Public Finance and Audit Act 1983 – management and administration of financial affairs
- Public Interest Disclosures Act 1994 – requirements for dealing with complaints under the Act.
We are supported to undertake many of these functions by the Department of Justice under a Service Level Agreement.