The Privacy Act 1988 and the Australian Privacy Principles (APPs), which are contained in schedule 1 of the Privacy Act, cover the way in which personal information must be handled, used and managed. It covers:

  • most Australian and Norfolk Island Government agencies,
  • all private sector and not-for-profit organisations with an annual turnover of more than $3 million,
  • all private health service providers and
  • some small businesses (collectively called ‘APP entities’)

The APPs cover market and social research organisations of any size if they handle personal information.

The Office of the Australian Information Commissioner (OAIC) has many resources to assist in the implementation of the APPs and other relevant matters:

The Privacy Act 1988 and Australian Privacy Principles

These guides provide detailed advice and guidance on the application of the Privacy Act 1988 for agencies and organisations:

De-identification of personal information

The OAIC gives information on de-identification and the Privacy Act:

Notifiable Data Breaches Scheme

Information on the Notifiable Data Breaches Scheme (NDBR):

Privacy (Market and Social Research) Code 2021

The Association of Market & Social Research Organisations’ (AMSRO) developed a Privacy (Market and Social Research) Code following updates to the Privacy Act in 2014. It was reviewed in 2021.

The Privacy Code is a guide to how the APPs are to be applied when conducting research. It also covers some additional requirements for researchers, reflecting The Research Society Code of Professional Behaviour. It is available on the OAIC website:

Privacy Toolkit

Privacy tool kit

The Research Society provides access to a privacy tool kit, including templates designed to help organisations meet their obligations under the privacy legislation. They include:

  • Privacy Policy
  • Data collection Statement and Checklist
  • Data Breach template.


Privacy toolkit

A Privacy toolkit which is a set of templates designed to assist organisations meet their obligations under Australian Privacy legislation. These templates cover: Privacy Policy; Data Collection Statement and Checklist and Data Breach.

Publication Cost

$500.00 inc gst

IRG Members
$250.00 inc gst

Client & Company Partners

Non Members
$1,250.00 inc gst

Order Your Copy Here

The Research Society also offers an ISO20252:2019 Toolkit and HR and IT Policy bundles. You can find information about these resources here.