Skip to main content

The Administrative Arrangements Order of 3 August 2023 transferred responsibility for protective security policy, including the Protective Security Policy Framework, from the Attorney-General's Department to the Department of Home Affairs. These Machinery of Government (MOG) changes began on 4 August 2023.

The PSPF Reporting Portal will transfer to the Department of Home Affairs on 11 June 2024. Before 11 June 2024, all entities and users must set up new authentication credentials through VANguard. You can get more information by contacting the Government Protective Security Policy section at or the PSPF hotline on 02 5127 9999.


The Privacy Act 1988 (Privacy Act) is concerned with your personal information. The rules governing how we deal with your personal information are contained in a set of Australian Privacy Principles (APPs). Below is a summary of our practices and procedures regarding access to and correction of personal information. Additional information can be found in our privacy policy.

The Privacy Act also requires the department to notify an individual of certain matters when we collect personal information about them. Form 1442i is the notification of those matters.

Data quality

We take steps to ensure that the personal information we collect is accurate, up to date and complete. These steps include correcting personal information that is inaccurate, out-of-date, incomplete, irrelevant or misleading when it is reasonable to do so.

Regular audits and quality inspections are conducted to ensure the accuracy and integrity of information is checked regularly and any systemic data quality issues are identified and resolved promptly.

Access to personal information

Individuals can access information about themselves in departmental documents (other than exempt documents) under the Privacy Act 1988 or Freedom of Information Act 1982 (FOI Act).

An individual can seek to obtain original documents or copies of personal information by approaching us.

The individual will be requested to complete Form 424A Request for access to documents or information. This will allow us to track and monitor each request to ensure that we meet our legislative obligations under the FOI Act or Privacy Act. We have a statutory 30 day period to respond to the request.

Privacy Impact Assessment Register

In accordance with s 15(1) of the Australian Government Agencies Privacy Code (the Privacy Code), the Department is required to maintain a Privacy Impact Assessment (PIA) Register of all PIAs completed since 1 July 2018.


Making a complaint to us

If a person believes we have wrongly collected or handled their information, they can:

The Manager
Global Feedback Unit
GPO Box 241
Melbourne Vic. 3001

We are committed to the quick and fair resolution of complaints. Every complaint will be investigated and complainants will be advised of the outcome.

Making a complaint to the Office of the OAIC

If a person is unsatisfied with our response, they can write to the OAIC. The OAIC can investigate privacy complaints about the protection of personal information, order compensation to be paid where warranted and direct departments to change the way they handle personal information. If a person needs help lodging a compliant with the OAIC, they can call the OAIC Enquiries Line on 1300 363 992.  If calling from outside Australia, they can call: +61 2 9284 9749

The OAIC can receive privacy complaints through:

  • the online Privacy Complaint form (refer to the OAIC’s website)
  • by mail (if a person has concerns about postal security, they might want to consider sending their complaint by registered mail)
    Sydney Office
    GPO Box 5218
    Sydney NSW 2001
  • by fax at +61 2 9284 9666
  • by email (email that is not encrypted can be copied or tracked) at

A person can make a complaint directly to the OAIC rather than to us, however it is likely that the OAIC would recommend that a person try to resolve the complaint directly with us in the first instance.