Privacy Act 1988 (Privacy Act) is concerned with your personal information. The rules governing how we deal with your personal information are contained in a set of Australian Privacy Principles (APPs). Below is a summary of our practices and procedures regarding access to and correction of personal information. Additional information can be found in our
The Privacy Act also requires the department to notify an individual of certain matters when we collect personal information about them.
Form 1442i is the notification of those matters.
Requests for records in relation to the Office of the Australian Information Commissioner (OAIC) notice to all persons in detention on 31 December 2014
If you are seeking access to your personal records in order to prepare a response to the
OAIC's notice to all persons in immigration detention on 31 January 2014 send an email to
firstname.lastname@example.org, with the type of personal records you are seeking (for example, your medical records from 2014 or later), your name and date of birth.
You are encouraged to request any evidence you need from the Department as soon as possible, because the Department may require 3-4 weeks to process your request.
The Department can only provide you with personal records that it holds for you. If you are seeking records in relation to services provided while you were in community detention, you will need to approach the relevant service provider directly.
We take steps to ensure that the personal information we collect is accurate, up to date and complete. These steps include correcting personal information that is inaccurate, out-of-date, incomplete, irrelevant or misleading when it is reasonable to do so.
Regular audits and quality inspections are conducted to ensure the accuracy and integrity of information is checked regularly and any systemic data quality issues are identified and resolved promptly.
Access to personal information
Individuals can access information about themselves in departmental documents (other than exempt documents) under the
Privacy Act 1988 or
Freedom of Information Act 1982 (FOI Act).
An individual can seek to obtain original documents or copies of personal information by approaching us.
The individual will be requested to complete
Form 424A Request for access to documents or information. This will allow us to track and monitor each request to ensure that we meet our legislative obligations under the FOI Act or Privacy Act. We have a statutory 30 day period to respond to the request.
Corrections of personal information
Individuals can seek to amend or annotate their personal information. How we amend or annotate a record depends on a number of circumstances.
Australian citizens seeking to change their personal information on their evidence of Australian citizenship such as name or date of birth should lodge
Form 119 Application for evidence of Australian citizenship with the required documents and fee in accordance with instructions on the form.
ImmiCard holders and changes under FOI and Privacy Acts
Requests to change biographic details on an ImmiCard (name or date of birth) can be made by completing an
ImmiCard amendment request. Applicants will need to attach official documentary evidence and/or an Australian Government issued Change of Name or Marriage Certificate to support the requested change.
We will consider issuing a new ImmiCard with amended biographic details following assessment of the online request and the evidence provided. The request might be referred to a case manager for an identity assessment as part of the visa process.
Non Australian citizens (permanent and temporary visa holders) with supporting documentation
Where an individual has official documentation in support of an amendment or correction, such as a passport or Australian Government issued Change of Name or Marriage Certificate, they should submit their request in writing using
Form 1022 - Notification of Change in Circumstance or
Form 1023 - Notification of Incorrect Answers. The form can be submitted through an IMMIaccount or sent to the nearest departmental office together with high-resolution scans (600dpi) of certified documentary evidence to support the identity change. The change can be actioned by the authorised case officer or relevant visa processing area.
Where the change is not supported by documented evidence
Where an individual’s request is not supported by official documentary evidence, and a decision is made under the Privacy Act to refuse access, the individual can apply under the FOI Act to amend or annotate their personal records. A decision to refuse amendment under the Privacy Act must include the reasons for refusal and the individual should be advised that they can complete
Form 424C - Request for amendment or annotation to personal records and submit it to us for a decision under the FOI Act. They should also be advised that obtaining documentary evidence is highly recommended.
Under the legislation that governs it, we do not have any power to ‘create’ a new identity, including where a person chooses to change their name. Under Australian law, the State and Territory Registrars of Births, Deaths and Marriages (RBDM) are the responsible authorities for preferred name changes.
Privacy Impact Assessment Register
In accordance with s 15(1) of the Australian Government Agencies Privacy Code (the Privacy Code), the Department is required to maintain a register of all Privacy Impact Assessments completed.
We will publish a version of our Privacy Impact Assessment Register each quarter.
Section 15(2) of the Privacy Code requires the Department to publish a version of the register; this is provided in the table below. In some cases the business area that has prepared the PIA report has also prepared a summary of PIA report; where such a summary is available, it is provided in the fourth column of the table.
Title of PIA
Date of PIA report
Business area that has prepared the PIA report
Summary of the PIA report (where available)
Migration 5, Secure Real-Time Platform Query and Response Privacy Impact Assessment
Biometrics and Data Exchange
The Migration 5’s (M5) Secure Real-Time Platform enables the automated exchange of information for visa and immigration purposes between M5 countries (Australia, Canada, New Zealand, the United Kingdom and the United States) using a query and response model.
Migration 5, Secure Real-Time Platform Push Share Privacy Impact Assessment
Biometrics and Data Exchange
The Migration 5’s (M5) Secure Real-Time Platform enables the automated exchange of information for visa and immigration purposes between M5 countries (Australia, Canada, New Zealand, the United Kingdom and the United States) using a push model.
Migration 5, Secure File Sharing Service Query and Response Privacy Impact Assessment
Biometrics and Data Exchange
The Migration 5’s (M5) Secure Real-Time Platform enables the manual exchange of information for visa and immigration purposes between M5 countries (Australia, Canada, New Zealand, the United Kingdom and the United States) using a query and response model.
Disclosing cruise passenger data to New Zealand Customs Service
The Department of Home Affairs disclosure of outward maritime passenger data of one-way cruise passengers and return trip cruise passengers to New Zealand to the New Zealand Customs Service (NZCS) to improve and streamline NZCS’s passenger assessment and clearance processes.
Making a complaint to us
If a person believes we have wrongly collected or handled their information, they can:
- telephone our Global Feedback Unit on 133 177 during business hours
- complete an
online feedback form
- write to:
Global Feedback Unit
GPO Box 241
Melbourne Vic. 3001
- contact us directly through any of our offices.
We are committed to the quick and fair resolution of complaints. Every complaint will be investigated and complainants will be advised of the outcome.
Making a complaint to the OAIC
If a person is unsatisfied with our response, they can write to the OAIC. The OAIC can investigate privacy complaints about the protection of personal information, order compensation to be paid where warranted and direct departments to change the way they handle personal information. If a person needs help lodging a compliant with the OAIC, they can call the OAIC Enquiries Line on 1300 363 992. If calling from outside Australia, they can call:
+61 2 9284 9749
The OAIC can receive privacy complaints through:
- the online Privacy Complaint form (refer to the
- by mail (if a person has concerns about postal security, they might want to consider sending their complaint by registered mail)
GPO Box 5218
Sydney NSW 2001
- by fax at
+61 2 9284 9666
- by email (email that is not encrypted can be copied or tracked) at
A person can make a complaint directly to the OAIC rather than to us, however it is likely that the OAIC would recommend that a person try to resolve the complaint directly with us in the first instance.