Our website uses cookies so we can analyse our site usage and give you the best experience. Click "Accept" if you’re happy with this, or click "More" for information about cookies on our site, how to opt out, and how to disable cookies altogether.

More Accept ×

We respect your Do Not Track preference.

Close ×

opc header logo
  • Home /
  • What is a “compliance advice letter”?

Print | Email this page

What is a “compliance advice letter”? Julia Broughton
9 September 2019 at 10:29

letter2

Investigating complaints is an important function of our office and a considerable part of our workload. When we receive a complaint, we make an initial assessment about what steps we will take next. In some circumstances, we will investigate. In other instances, our office may decline to investigate.

There are also occasions when we cannot investigate, but we may decide that the complainant has raised legitimate concerns that should be brought to the attention of a respondent agency.

For instance, we may not have enough evidence of a breach of the Privacy Act or of a code of practice, but we have concerns about the conduct or practices of an agency. At this stage, we may offer a complainant the option of our Office contacting the agency with a compliance advice letter.

Compliance advice letter 

What our compliance advice letter contains will depend on the circumstances of the complaint. We may take the opportunity to:  

  • relay a complainant’s concerns directly to an agency
  • remind an agency of its obligations under the Privacy Act and codes
  • identify what conduct and practices of the agency we think conflict with its obligations
  • express any general concerns we have
  • make recommendations to an agency - such as a change to a policy, or an action it may wish to take with the complainant, such as offering an apology or an assurance
  • suggest the agency undertake our online privacy training to better understand its obligations.

How does it work?

But is a compliance advice letter from our office just a ‘slap on the wrist with a wet bus ticket’? Consider this:

  • it gives the agency the opportunity to take proactive action and to rectify any practices which are not in line with the Act, codes, or guidelines
  • it is a prompt outcome which is much faster than most other resolution options at our disposal.
  • it tells an agency that it is ‘on our radar’. If we receive similar complaints about the same agency in future, we will weigh this factor up when deciding whether we need to take further action
  • it is not a punishment or penalty. Our focus is on educating an agency and improving privacy practices.

Am I in trouble?

A compliance advice letter does not mean your agency is in trouble. It means:

  • we are aware we have only heard one side of the story
  • we are not making a finding about the factual correctness of the complaint or about if there has been a breach of your obligations
  • unless we have said that we will, it’s unlikely we will be taking any further action.

While a compliance advice letter is not a full investigation, an agency that receives one should take our correspondence seriously because we keep a record of the complaint and our letters for future reference. If we were to use a traffic analogy, consider it a warning for speeding, and not an actual speeding ticket.

Image credit: Free letter via Clipart.

Back
Previous Blog Post Next Blog Post

Latest Blog Entries

Back to top