Commonwealth Consolidated Acts

[Index] [Table] [Search] [Search this Act] [Notes] [Noteup] [Previous] [Next] [Download] [Help]

PRIVACY ACT 1988 - SECT 80P

Authorisation of collection, use and disclosure of personal information

  (1)   At any time when an emergency declaration is in force in relation to an emergency or disaster, an entity may collect, use or disclose personal information relating to an individual if:

  (a)   the entity reasonably believes that the individual may be involved in the emergency or disaster; and

  (b)   the collection, use or disclosure is for a permitted purpose in relation to the emergency or disaster; and

  (c)   in the case of a disclosure of the personal information by an agency--the disclosure is to:

  (i)   an agency; or

  (ii)   a State or Territory authority; or

  (iii)   an organisation; or

  (iv)   an entity not covered by subparagraph   (i), (ii) or (iii) that is, or is likely to be, involved in managing, or assisting in the management of, the emergency or disaster; or

  (v)   a responsible person for the individual; and

  (d)   in the case of a disclosure of the personal information by an organisation or another person--the disclosure is to:

  (i)   an agency; or

  (ii)   an entity that is directly involved in providing repatriation services, medical or other treatment, health services or financial or other humanitarian assistance services to individuals involved in the emergency or disaster; or

  (iii)   a person or entity prescribed by the regulations for the purposes of this paragraph; or

  (iv)   a person or entity specified by the Minister, by legislative instrument, for the purposes of this paragraph; and

  (e)   in the case of any disclosure of the personal information--the disclosure is not to a media organisation.

  (2)   An entity is not liable to any proceedings for contravening a secrecy provision in respect of a use or disclosure of personal information authorised by subsection   (1), unless the secrecy provision is a designated secrecy provision (see subsection   (7)).

  (3)   An entity is not liable to any proceedings for contravening a duty of confidence in respect of a disclosure of personal information authorised by subsection   (1).

  (4)   An entity does not breach an Australian Privacy Principle, or a registered APP code that binds the entity, in respect of a collection, use or disclosure of personal information authorised by subsection   (1).

  (6)   A collection, use or disclose of personal information by an officer or employee of an agency in the course of duty as an officer or employee is authorised by subsection   (1) only if the officer or employee is authorised by the agency to collect, use or disclose the personal information.

  (7)   In this section:

"designated secrecy provision" means any of the following:

  (a)   sections   18, 18A, 18B, 92 and 92A of the Australian Security Intelligence Organisation Act 1979 ;

  (b)   section   34 of the Inspector - General of Intelligence and Security Act 1986 ;

  (c)   sections   39, 40C, 40D and 41 of the Intelligence Services Act 2001 ;

  (ca)   sections   42 to 44 of the Office of National Intelligence Act 2018 ;

  (d)   a provision of a Commonwealth law prescribed by the regulations for the purposes of this paragraph;

  (e)   a provision of a Commonwealth law of a kind prescribed by the regulations for the purposes of this paragraph.

"entity" includes the following:

  (a)   a person;

  (b)   an agency;

  (c)   an organisation.



AustLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback