Privacy complaints
| Privacy complaints |
|---|
A privacy complaint may come under:
- the PPIP Act, section 53, if it relates to personal information and the Information Protection Principles (IPPs); or
- the HRIP Act, section 21, if it relates to health information and the Health Privacy Principles (HPPs).
Complaints under PPIP Act and the HRIP Act are dealt with by way of Internal Review. The process is the same under both Acts although the alleged conduct is assessed against different standards (the IPPs and the HPPs). The process for carrying out the review and recording the determination is set out in the Privacy Internal Review for Agencies Checklist.
An agency should understand the role of the IPC and its approach to using its regulatory powers. IPC’s Regulatory Framework describes how it aims to promote, assure, and enforce the PPIP and HRIP Acts.
| Relevant Resources |
|---|
- Privacy Internal Review for Agencies Checklist
- Managing Unreasonable Complainant Conduct
- Checklist for public sector staff: responding to a request for access to health information
- IPC Regulatory Framework
Read next: Data breach incidents
