We recommend installing Microsoft Edge, Google Chrome, Safari, Firefox, or Opera to visit the site.
Regulatory action
OVIC regulates the Victorian Government and advises the community about how the public sector collects, protects, uses and shares information.
Latest updates
Process versus Outcome - Investigation into VicForests' handling of a series of FOI requests has been published Updated 24/03/2023
Witness Welfare Management Policy has been published Updated 05/12/2022
Impediments to timely FOI and information release: twelve months on has been published Updated 25/10/2022
Our Regulatory Approach
OVIC's regulatory approach is independent, collaborative, targeted and proportional, transparent and consistent.
Our Regulatory Action Policy explains how we use our powers when taking regulatory action.
Witness Welfare Management Policy
This policy describes how OVIC supports the welfare of witnesses and other people involved in OVIC regulatory action.
OVIC’s regulatory priorities focus on significant issues impacting the information rights of Victorians.
OVIC participates in national and international regulatory networks to discuss common challenges and priorities.
Investigations
OVIC has regulatory powers to undertake investigations and issue a Compliance Notice if there is a serious breach of legislation.
Examinations
OVIC has regulatory powers to undertake examinations to investigate a potential breach, or as a proactive assurance tool.
Process versus Outcome: Investigation into VicForests' handling of a series of FOI requests
OVIC conducted an investigation into VicForests' handling of a series of FOI requests to determine if it acted consistently with obligations under the FOI Act.
Investigation into impediments to timely freedom of information
OVIC conducted an own motion investigation into the timeliness of FOI decisions at five Victorian government agencies to identify the factors contributing to delay.
Impediments to timely FOI and information release: twelve months on
This report outlines the progress of agencies in implementing recommendations twelve months on from the own motion investigation.
Investigation into unauthorised access to client information held in the CRISSP database
OVIC conducted an investigation into a data breach involving the former Department of Health and Human Services and issued a compliance notice.
Investigation into the disclosure of myki travel information
OVIC conducted an investigation into a data breach involving myki users' privacy by Public Transport Victoria and issued a compliance notice.
Examination into privacy and information handling training at Victoria Police
The objective was to examine whether the training provided to Victoria Police personnel meets the requirements of Information Privacy Principle 4.1.
Examination of Victorian universities' privacy and security policies
OVIC conducted an examination into the protection of personal information in Victorian universities to ensure compliance with the Information Privacy Principles.
OVIC conducted an examintion into the use of digital learning tools in Victorian government primary schools and how privacy issues are managed.
Examination of Local Government Privacy Policies
OVIC conducted an examination of local government privacy policies to measure compliance with the Information Privacy Principles.
Audits
OVIC has regulatory powers to monitor and assure compliance with the Victorian Protective Data Security Framework.
Global Privacy Enforcement Network
Each year privacy regulators from around the world coordinate a global analysis of privacy practices.
Audit of Standard 2 of the Victorian Protective Data Security Standards
This audit focused on four Victorian public sector organisations' adherence to Standard 2 of the Victorian Protective Data Security Standards.
Audit of Standard 8 of the Victorian Protective Data Security Standards
This audit focused on four Victorian public sector organisations' adherence to Standard 8 of the Victorian Protective Data Security Standards.
Reports published by predecessor agencies
Review of information governance in the Department of Health and Human Services
This report was published by the Commissioner for Privacy and Data Protection in January 2017.
Review of the Victoria Police Security Incident Management Framework and Practices
This report was published by the Commissioner for Privacy and Data Protection in January 2017.