This is an HTML version of an attachment to the Freedom of Information request 'Privacy training in the Defence Department'.

Australian Privacy Principle 1: Open 
and transparent management of 
personal information 

The object of APP 1 is 'to ensure that APP entities manage personal information in an open and transparent 
way.' (APP 1.1). This enhances the accountability of APP entities for their personal information handling 
practices. This is done by requiring APP entities to take proactive steps to establish and maintain practices, 
procedures and systems for the open and transparent management of personal information. 
Privacy Policy 
In order to promote openness and transparency, APP 1 specifically requires APP entities to have a clearly 
expressed and freely available privacy policy. The privacy policy is designed to inform individuals about the 
way personal information is collected, stored, used and disclosed to give individuals confidence that APP 
entities handle their personal information in a way which is consistent with the APPs and protect their 
privacy; and to provide information on how to resolve potential breaches of privacy. 
Mandatory information 
A privacy policy must include information about: 
the kinds of personal information that the entity collects and holds;  
b.  how the entity collects and holds personal information;  
the purposes for which the entity collects, holds, uses and discloses personal information;  
d.  how an individual may access any personal information about themselves that is held by the entity 
and how they may seek the correction of such information;  
how an individual may complain about a breach of the Australian Privacy Principles, or a 
registered APP code (if any) that binds the entity, and how the entity will deal with such a 
complaint; and  
whether the entity is likely to disclose personal information to overseas recipients, and if so to 
which countries. 
How to access the Defence Privacy Policy 
The Defence Privacy Policy is available to view on the Defence internet at the 
privacy page . People who 
are not able to access the Defence Privacy Policy electronically may request a hard copy of the document by 
writing to: 
Defence Privacy Officer 
Directorate of Complaint Resolution, 
Department of Defence, 
PO Box 7927, 
Hard copies of the Defence Privacy Policy may also be obtained by emailing The Defence Privacy Policy is reviewed on an annual basis. 
All Defence personal should familiarise themselves with the Defence Privacy Policy. They should also be 
aware of how to access the document. 

Document Outline