Skip to Content

Organisation and functions

The Office of the Victorian Information Commissioner is an independent regulator with combined oversight of information access, information privacy, and data protection. The functions of the Information Commissioner, Public Access Deputy Commissioner, and Privacy and Data Protection Commissioner are set out in the Freedom of Information Act 1982 (FOI Act) and the Privacy and Data Protection Act 2014 (PDP Act).

The Freedom of Information Act

Under the FOI Act, the key functions of the Information Commissioner and Public Access Deputy Commissioner are:

  • to promote understanding and acceptance by agencies and the public of the FOI Act and its object;
  • to conduct reviews of decisions made by agencies and Ministers under the FOI Act;
  • to receive and handle complaints made under the FOI Act;
  • to provide advice, education and guidance to agencies and the public in relation to the Information Commissioner’s functions; and
  • to develop and monitor compliance with professional standards, and to provide advice, education and guidance to agencies and the public in relation to compliance with the professional standards.

The Privacy and Data Protection Act

The PDP Act provides for the regulation of information privacy, protective data security, and law enforcement data security.

The key functions of the Information Commissioner and Privacy and Data Protection Commissioner in relation to information privacy are:

  • to promote awareness and understanding of the Information Privacy Principles (IPPs);
  • to receive complaints about possible breaches of the IPPs by the Victorian public sector;
  • to conduct audits to assess compliance with the IPPs; and
  • to undertake research, issue reports, guidelines and other materials with regard to information privacy.

The key functions of the Information Commissioner and Privacy and Data Protection Commissioner in relation to protective data security and law enforcement data security are:

  • to develop the Victorian Protective Data Security Framework;
  • to issue protective data security standards and promote their uptake by the public sector;
  • to conduct monitoring and assurance activities to assess compliance with those standards; and
  • to undertake research, issue reports, guidelines and other materials with regard to protective data security.

You can also review the following pages which provide further information about our functions:

Back to top

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

I'm interested in

You have Successfully Subscribed!