ELearning: Privacy Awareness FAQs

Here are some frequently asked questions (FAQs) related to the Australian privacy laws. These FAQs cover key concepts such as types of information, consent and privacy breaches. If you have any additional questions, please reach out to your manager or Privacy Office for assistance.

What is health information?

Health information includes any information that is associated with an identifiable living individual’s health and wellbeing. It can include health records, genetic information, medication requirements, and wishes for future health services including organ donation.

What is personal information?

Personal information includes any information that is associated with an identifiable living individual. It can include name, address, Health Information, correspondence, audio recordings, images, alpha-numerical identifiers and combinations of these.

What is sensitive information?

Sensitive information includes any information that is associated with an identifiable living individual’s opinions or beliefs. It can be race or ethnic information, religious beliefs, philosophical beliefs, sexual preferences and orientation, or criminal record.

What are the key principles of the Australian Privacy Act?

There are 13 Australian Privacy Principles and they govern the standards, rights and obligations around; collection, use, and disclosure of personal information, ensuring its accuracy and security, providing individuals with access to their information, and giving them the right to correct it if necessary.

What is the difference between express and implied consent?

Express consent is given explicitly, either verbally or in writing, while implied consent is when consent is reasonably inferred from an individual’s actions or circumstances.

What should I do if I receive a privacy complaint?

Adults in Guiding should report privacy complaints or breaches to their SGGO or the GGA Privacy Officer immediately (depending which organisation is impacted by the privacy complaint or breach). Complaints should be handled promptly and in accordance with the organisation’s privacy policies and procedures.


Even suspected breaches should be reported to potentially limit the impact of the breach.

Can personal information be shared with third parties?

Personal information should only be shared with third parties in specific circumstances, such as with the individual’s consent or if it is required or authorised by law.


The GGA privacy collection statements provide those giving consent on how their information will be shared, including the sharing with third parties.

How should personal information be stored and protected?

Personal information should be stored securely, with measures in place to prevent unauthorized access, disclosure, or misuse. This includes using password protection, encryption, and physical security measures for paper records.

What are the consequences of a privacy breach?

Privacy breaches can lead to reputational damage for the organisation, legal consequences, and financial penalties. It’s essential to report and address breaches promptly to minimize their impact.


If you notice any breaches or personal or health data or think there might be one, make sure to notify your organisation’s Privacy Officer as soon as possible.

What rights do individuals have regarding their information?

Individuals have the right to access their personal information, request corrections if it is inaccurate or incomplete, and lodge complaints if they believe their privacy rights have been breached.

Are there any exceptions to privacy laws?

Yes, there are exceptions, such as for law enforcement purposes, national security, and certain health or safety emergencies.

What must I do if I think information has been accessed by someone who should not have access to the information?

Even if you are unsure, it is best to report it, contact your Privacy Officer in your state as soon as possible and provide details on what information you think has been accessed.


Search Girl Guides Australia