What is the Information Privacy Principles Instruction?
The Information Privacy Principles Instruction (IPPI) is a Premier and Cabinet Circular, otherwise known as PC012. It contains the Information Privacy Principles that regulate the way South Australian government agencies:
- collect
- use
- store
- disclose and
- provide access to and the correction of personal information.
The principal officer, or Chief Executive, of each agency is required to ensure the IPPI is implemented, maintained and observed in respect to the personal information the agency collects or holds.
The IPPI includes a right for an individual to access and amend their own personal information via the Freedom of Information Act 1991.
The IPPI recognises the need to balance personal privacy with the broader public interest. If your agency has a legal requirement to collect, use or disclose personal information, then that legislation takes precedence.
The IPPI does not prevent disclosure of personal information where it is in the public interest to do so, such as a serious threat to the life, health or safety of a child or any other person. It specifically does not prevent the disclosure of information where there is a lawful reason such as a mandatory reporting obligation under the Children’s Protection Act 1993.
What is Personal Information?
Personal information is defined in the IPPI as information or an opinion, whether true or not, relating to a natural person or the affairs of a natural person whose identity is apparent, or can reasonably be ascertained, from that information or opinion.
While a natural person is taken to be a living person there may be different considerations for information about the deceased. Agencies are encouraged to respect the sensitivities of family members when using or disclosing such information.
Agencies are also encouraged to respect the sensitivities of family members when using or disclosing personal information pertaining to First Nations people.
- name
- address
- date of birth
- financial or health status
- signature
- ethnicity
- gender
- religion
- alleged behaviours
- licensing details
- photographs
- biometrics (fingerprints, retina scans, gait)
- video footage
Contracted Service Providers
It is common practice for government to engage private sector organisations to provide services on their behalf.
The IPPI recognises this practice and includes provisions to ensure both agencies and the contracted service providers are accountable for the protection of the personal information they handle.
The IPPI requires personal information handled by contracted service providers, undertaking a service on behalf of government, to be treated in the same way it would if the agencies themselves were delivering the service.
See the Contracted Service Providers webpage for more information regarding privacy and contracted service providers.
For broader information on information management practices and contracted service providers, see the Contracting and Information Assets Standard and the Contracting and Information Assets Guideline.