the solution

Other Information

 June Training Sessions

FOI Solutions is offering the following upcoming training sessions via videoconference:

  • 2 June 2022 - Substantial and Unreasonable Diversion Requests: How much is too much?
  • 29 June 2022 - Recent Developments with VCAT in FOI and Privacy.

For more information or to book online, visit the training sessions page on our website.

Monthly VCAT Decision Summaries

Our experienced staff have been preparing VCAT Decision Summaries since 2004. These summaries are designed to equip agencies with developing a further understanding of how VCAT handles matters relating to FOI, privacy and health privacy respectively.

 

If you would like to keep up to date with these matters on an ongoing basis and believe this service will suit you please register your interest.

 

For more information visit our website  or contact our office on (03) 9601 4111 or email marketing@foisolutions.com.au.

 

 

Question Time

Q: Does Information provided in confidence need not be true for section 35 of the FOI Act exemption to apply?

 

A:  Section 35(1) of the FOI Act will exempt a document from release if the disclosure of the document would divulge any information or matter communicated in confidence by a person or on behalf of a person to an agency or Minister and the information or the disclosure of the information also meets the elements in either subsections (a) or (b) of the exemption.

 

A question that comes up from time to time is whether the exemption can still be relied upon if the information that was provided in confidence is false, vexatious or questions arise to the lawfulness of its communication to the agency. The short answer is yes, the exemption can still be relied upon in these circumstances, so as long as the other elements in the exemption are also made out. For the exemption to be engaged, it does not matter whether the information is true or not or whether the person external to the agency who provided the information to the agency did so lawfully. 

 

Where appropriate to do so, any questions of unlawfulness of disclosure can and should be addressed by other means, such as by contacting Victoria Police or regulatory bodies such as the IBAC or the Victorian Ombudsman.

 

Q: Is your organisation liable for breaching privacy due to an act done or practice engaged in by an employee and/or agent that contravenes the Privacy and Data Protection Act 2014?

 

A: Section 118 of the Privacy and Data Protection Act 2014 addresses the relationship between employees and agents who carry out acts or practices on behalf of the organisation. Under s 118, an act done or practice engaged in by an employee or agent is taken to have been done or engaged in by the organisation unless the organisation establishes that it took reasonable precautions and exercised due diligence to avoid the act being done or the practice being engaged in by its employees or agents. 

 

In other words, if your organisation establishes that it took reasonable precautions and exercised due diligence to avoid the privacy breach from occurring, it would not be liable for a breach of privacy. It is important to note, that the required standard is that the steps are "reasonable". This requires consideration of the circumstances and factors to determine whether the steps taken were reasonable to prevent the act or practice from occurring. (see example case TSJ v Department of Health and Human Services [2016] VCAT 687).