Skip to content
State Government of Victoria logo
Service Agreement Information Kit for Funded Organisations

3.6.3 Freedom of information

Disclaimer: this disclaimer must be read in conjunction with the content of this page.

The Freedom of Information Act 1982 (Vic) (FOI Act) allows individuals to access certain information about their personal affairs and the activities of government organisations (including departments councils and prescribed authorities). The FOI Act also gives individuals the right to request that information held about them by these organisations that is incomplete, incorrect, out of date or misleading be amended or appropriately notated.

When a person makes a request to the department for access to their personal information, health information or any other information, the department will review the request to make sure that all necessary information has been included and the documents being requested have been clearly identified. The department will contact the person making the request if further information is required. The FOI Act requires the department to provide an applicant with a decision within 45 days from when a valid request is received.

A request received by the department may include documents or records that are held by organisations funded by the department. Clause 6.6 of the Service Agreement requires organisations to provide the department, or any other person authorised by the department, with access to records that relate to a request under the FOI Act, or any other laws that apply to the records, if those records are in the organisation’s possession or control.

If an organisation receives a request referring to the FOI Act and seeking access to records held by the organisation, the organisation should advise the applicant that the request should be made to the department and, as an alternative, offer to process the application as a request by the individual for access to their personal information (under the Privacy and Data Protection Act 2014 (Vic)(PDP Act)) and/or teir health information (under the Health Records Act 2001 (Vic)(HR Act)), see below.

Access and correction of personal information

Under the Service Agreement, funded organisations must ensure that they comply with the Information Privacy Principles (IPP) under the PDP Act and Health Privacy Principles under the HR Act.

IPP 6 and HPP 6 requires an organisation that holds personal information or health information about an individual to provide the individual with access to their personal or health information upon request, unless the organisation is not required to provide access because of a reason set out in IPP 6.1 (a) to (j) or HPP 6.1 (a) to (l) which may include circumstances where:

  • providing access would:
    • pose a serious and imminent threat to the life or health of any individual
    • have an unreasonable impact on the privacy of other individuals
    • be unlawful
    • be likely to prejudice an investigation of possible unlawful activity
  • the request for access is frivolous or vexatious
  • the information relates to existing legal proceedings between the organisation and the individual, and the information would not be accessible by the process of discovery or subpoena in those proceedings.

Funded organisations should be aware that where an individual makes a direct request to an organisation for access or correction to their personal or health information, the organisation must directly respond to the request in accordance with IPP 6 or HPP 6, as the case may be.

When providing access to personal or health information, funded organisations need to ensure that they do not infringe any third person’s privacy rights. Further information on the IP Act (IPP 6) and HR Act (HPP 6) is found in section 3.17 Privacy, Data Protection and Protected Disclosures (opens in a new window) of the information kit.

Requirements of the Department of Health and Human Services

Under clause 6.3(b) of the Service Agreement, organisations that are funded by the Department of Health and Human Services are required to maintain custody of and manage records in a way which allows the department to quickly and easily access, retrieve and review the records, including when requests are made under the FOI Act.

The Service Agreement also requires organisations to advise the department about records that may fall within the scope of a request or direction received by the department under the FOI Act or any other law, where the department has notified the organisation about the details of the request or direction in writing.

Fact sheet 5: Freedom of information and funded organisation records

A fact sheet on Freedom of Information is available on the Funded Agency Channel web page 'Records management for organisations funded under the Service Agreement' (external link, opens in a new window). Refer to 'Fact sheet 5: Freedom of information and funded organisation records'.

Further information

If organisations have any further queries on Freedom of Information (FOI) please contact the FOI enquiry line on 9096 8449.

Further information about the FOI Act is available at the Freedom of Information website (external link, opens in a new window) and the Freedom of Information Commissioner website (external link, opens in a new window).

Further information about the Privacy and Data Protection Act for Victorian Government departments and funded organisations is available at the Commissioner for Privacy and Data Protection's website (external link, opens in a new window).