OAICOffice of the Australian Information Commissioner
Australia's national regulator for privacy, freedom of information and government information policy.
In detail
The Office of the Australian Information Commissioner (OAIC) is the federal independent agency that administers the Privacy Act, the Notifiable Data Breaches scheme and parts of the Freedom of Information Act. The OAIC investigates privacy complaints, publishes guidance on emerging technologies (including AI), and reports quarterly on notifiable breaches. Penalties for serious or repeated interferences with privacy were significantly increased in late 2022.
Why it matters for Australian business
Every Australian business handling personal information has, in practice, two regulators in the room: the OAIC and the relevant industry regulator (AHPRA, NDIS, ACNC, ASIC and so on). The OAIC's quarterly Notifiable Data Breaches reports are the most useful public signal of where breaches happen and why. We use them as a reference for our security audits and Data and Privacy Advisory engagements.