Terms of Reference

The Committee will examine: 

  • The frameworks used to identify and manage privacy risks, and meet the requirements of the Privacy Act 1988, in public sector entities that manage information on private individuals 
  • The ability of public sector entities holding personal information to respond effectively to data breaches, cyber threats, and malicious actors 
  • Any matters contained in and associated with Auditor-General Report No. 12 of 2025–26: Managing the Privacy of Client Information in Services Australia

The Committee invites submissions to the inquiry, addressing the terms of reference, by Friday, 8 May 2026.

Committee Secretariat contact:

Committee Secretary
Joint Committee of Public Accounts and Audit
PO Box 6021
Parliament House
Canberra ACT 2600

Phone: +61 2 6277 4615
jcpaa@aph.gov.au

About this inquiry

On 9 April 2026, the Joint Committee of Public Accounts and Audit adopted an inquiry into the management of client privacy in the Australian public sector. This inquiry will examine public service entities’ identification and management of privacy risks, their response strategy to information security breaches and threats, and matters related to the Auditor-General Report No.12 of 2025-26.

Track Inquiry

Inquiry Status

Accepting Submissions

How to make a submission

The committee invites individuals and organisations to send in their opinions and proposals in writing (submissions)

Accessibility

We are committed to ensuring that everyone who wishes to can participate in the Committee’s inquiry. If you have accessibility requirements, please contact the Committee Secretariat.

Further information regarding accessibility can be found at www.aph.gov.au/Help/Accessibility