Privacy Principles

About Information Privacy

Queensland public sector agencies, with the exception of Queensland Health, are required to comply with eleven (11) Information Privacy Principles (IPPs) that set out how personal information must be collected and managed in the public sector environment.
Other than some minor modifications, the IPPs have been in operation in Queensland since 2001 under the administrative privacy regime established by Information Standard 42 (IS42).  Except in relation to contracts in place prior to commencement of the IP Act, where relevant components of IS42 are cited, IS42 no longer applies in the Queensland public sector environment.
The IPPs have been adapted from the Commonwealth Privacy Act 1988.

Information Privacy Principles (IPPs)

The full text of the IPPs is available in schedule 3 of the IP Act. In summary, the IPPs cover the following:

  1. Collection of personal information (IPPs 1, 2, 3)
  2. Security of personal information (IPP 4)
  3. Information about personal information holdings (IPP 5)
  4. Access and amendment of personal information (IPPs 6, 7)
  5. Use of personal information (IPPs 8, 9, 10)
  6. Disclosure of personal information (IPP 11)

National Privacy Principles (NPPs)

Queensland Health is required to comply with nine (9) National Privacy Principles (NPPs) that set out how personal information must be collected and managed in the public health sector environment.
Other than some minor modifications, the NPPs have been in operation in Queensland since 2001 under the administrative privacy regime established by Information Standard 42A (IS42A).  Except in relation to contracts in place prior to commencement of the IP Act, where relevant components of IS42A are cited, IS42A no longer applies in the Queensland public health sector environment.
The NPPs have been adapted from the Commonwealth Privacy Act 1988.
The full text of the NPPs is available in schedule 4 of the IP Act. In summary, the NPPs cover the following:

  • Collection of personal information (NPP 1)
  • Limits on use or disclosure of personal information (NPP 2)
  • Quality of personal information (NPP 3)
  • Security of personal information (NPP 4)
  • Information about personal information holdings (NPP 5)
  • Access and amendment of personal information (NPPs 6, 7)
  • Anonymity (NPP 8)
  • Collection and handling of sensitive personal information (NPP 9)
Last updated:
11 February 2020
Last published:
6 January 2017