NDIA Document Storage, Archive and Retrieval Policy and Procedure
Dear National Disability Insurance Agency,
Please provide a copy of the NDIA Document Storage, Archive and Retrieval Policy and Procedure. That is, the specific NDIA policy and procedure for the capture, recording, storage, archiving and retrieval of public information and documents as a Commonwealth Agency.
Context:
“Information management standards help Australian Government agencies to create and manage business information effectively. Know which standards apply to your agency and how to implement them” [4] so as to build trust in public record keeping. More specifically, “The Building trust in the public record: managing information and data for government and community policy came into effect on 1 January 2021. The policy identifies key requirements for managing Australian Government information assets (records, information and data). It helps Australian Government agencies improve how they create, collect, manage and are able to use information assets. The Australian Government relies on well-managed information to better support, protect and serve the community” [5]. All of which seem aimed at “reducing areas of information management inefficiency and risk” [6], especially where cloud, storage and retainment issues are concerned [7] or transferred to National Archives.
The National Archives Act seemingly specifies the information record storage and retention requirements for Commonwealth entities [1]. The Information Management Standard for Australian Government [2] provides further specific guidance (including citing the National Archives Act 1983) on well-managed business information with Government. In particular, 8 guiding principles. They are:
1. Business information is systematically governed
2. Necessary business information is created
3. Business information is adequately described
4. Business information is suitably stored and preserved
5. How long business information should be kept is known
6. Business information is accountably destroyed or transferred
7. Business information is saved in systems where it can be appropriately managed
8. Business information is available for use and reuse [3]
In short, there seems to be a significant emphasis and requirement for Commonwealth entities to effectively store, archive and retrieve public information, data and documents. The Office of the Australian Information Commissioner (OAIC) has also provides specific advice to ensure information and risks have been adequately mitigated [8]. This would also seem to have been significantly emphasised by the National Archives too [9], especially when it come to metadata. IN sum, there is a significant information governance framework [10], supported but a suite of international standards such as ISO 16175 - Process and Functional Requirements for Managing Records and ISO 15489 Records Management [11]. ISO 15489 in particular relates to “a) records, metadata for records and records systems; b) policies, assigned responsibilities, monitoring and training supporting the effective management of records; c) recurrent analysis of business context and the identification of records requirements; d) records controls; e) processes for creating, capturing and managing records.” [12]. Overall, there seems to be a clear, consistent emphasis on effective and efficient storage and retrieval of Government documents and information.
As part for the Data Interoperability Maturity Model [13] , the National Archives of Australia asserts that “All Australian Government agencies should have assigned responsibilities at a senior executive level for a CIGO to support enterprise-wide information governance. A dedicated role for senior executive represents a best practice approach“ [14]. It would therefore stand to reason that the NDIA has both a CIGO and supporting policies and procedures. Which forms the focus of this request. In particular, to understand why a relatively simple public document retrieval request, taking no more than a few minutes to complete in most other Government Agencies or private corporations, would take the NDIA longer than 30 days to complete. For example:
1. FOI 20/21-0856 NDIA Risk assessment for the Independent Assessments (IA) pilot [17]
2. FOI 20/21-0854 NDIA’s current Risk Management Policy/ies and Procedures and Procurement Risk Management Policy/procedures
3. FOI 20/21-0853 NDIA’s current Investigations Policy/ies and Procedures [20]
4. FOI 20/21-08551 NDIA’s Pandemic/epidemic risk assessment for NSW and VIC [19]
5. FOI 20/21-0848 NDIA’s Pandemic Plan for NSW and VIC [18]
6. FOI 20/21-0843 NDIA’s Risk Management Framework, Audit/Risk Committee Minutes of Meeting, Risk Management Declaration and Risk Management Strategies [22]
7. FOI 20/21-0879 NDIA Project Risk Management Framework, Fraud Risk Assessment, Risk Maturity Level 4 and Risk Champion training [15]
8. FOI 20/21-0882 NDIA Enterprise Risk Management Framework, NDIA Risk Management Strategy approved by COAG [21]
9. FOI 20/21-0885 NDIA Insurance Principles and Strategic Risks
11. FOI 20/21-0877 NDIA Annual and Quarterly Attestation Reports [16]
While consistent with the very broad FOI 30 day extension request [23], 30 days seems more than ample to find and release an electronic public document. In short, an extension seems largely unnecessary. As a result, the NDIA document storage, archive and retrieval policy and procedure will go a long way to informing and clarifying the process.
Thank you for your assistance.
Yours faithfully,
Shirley
References:
1. Archives Act 1983 (2021) Compilation No. 43. Available at: , https://www.legislation.gov.au/Details/C...> Accessed [8 Jul 21]
2. National Archives of Australia (2021) Information Management Standard for Australian Government, Australian Government, Available at: <https://www.naa.gov.au/information-manag...>. Accessed [8 Jul 21]
3. Ibid
4. National Archives of Australia (2021) Information Management Standard, Available at: < https://www.naa.gov.au/information-manag...>. Accessed [8 Jul 21]
5. National Archives of Australia (2021) Building trust in the public record policy, Available at: < https://www.naa.gov.au/information-manag... >. Accessed [8 Jul 21]
6. National Archives of Australia (2021) Building trust in the public record policy: Managing information and data for government and community, Available at: <https://www.naa.gov.au/sites/default/fil...> Accessed {8 Jul 21]
7. Ibid, Page 7 & 11
8. OAIC (2018) Guide to Security Personal Information, Office of the Australian Information Commissioner, Australian Government, Available at: < https://www.oaic.gov.au/privacy/guidance...>. Accessed [8 Jul 21]
9. NAA (2015) Australian Government Record-keeping Metadata Standard, National Archives of Australia, Australian Government, Available at: <https://www.naa.gov.au/sites/default/fil...>. Accessed [ 8 Jul 21]
10. National Archives of Australia (2021) Establishing an information governance framework, Australian Government, Available at: <https://www.naa.gov.au/information-manag...>. Accessed [ 8 Jul 21]
11. Ibid
12. ISO 15489-1:2016 Information and Documentation - Records Management - Part 1: Concepts-and Principles, Available at: < https://www.iso.org/standard/62542.html>. Accessed [8 Jul 21]
13. National Archives of Australia (2021) Data interoperability Maturity Model, Australian Government, Available at: < https://www.naa.gov.au/information-manag...>. Accessed [8 Jul 21]
14. National Archives of Australia (2021) Chief information governance officer (CIGO), Australian Government, Available at: < https://www.naa.gov.au/information-manag...>. Accessed [8 Jul 21]
15. https://www.righttoknow.org.au/request/n...
16. https://www.righttoknow.org.au/request/n...
17. https://www.righttoknow.org.au/request/n...
18. https://www.righttoknow.org.au/request/n...
19. https://www.righttoknow.org.au/request/t...
20. https://www.righttoknow.org.au/request/n...
21. https://www.righttoknow.org.au/request/t...
22. https://www.righttoknow.org.au/request/n...
23. OAIC (2012) Extension of time for processing requests, Office of the Australian Information Commissioner, Australian Government, Available at: < https://www.oaic.gov.au/freedom-of-infor...>. Accessed [8 Jul 21]
Thank you for contacting the National Disability Insurance Agency (NDIA).
Freedom of Information
If your message is a request for access to documents under the
Freedom of Information Act 1982 (FOI Act), we will acknowledge it within
14-days of receipt. We may be in touch with you sooner if your request is
too large or vague.
We are committed to processing all requests as quickly as possible. We
will keep in regular contact with you, especially if there's any delay in
making a decision.
Further information about FOI is available on our website:
[1]https://www.ndis.gov.au/about-us/policie...
Please contact us at [2][NDIA request email] if you have any questions or
require help.
Participant Information Access
If you are an NDIS participant and you are seeking access to your own
personal information, you can make a request online under our Participant
Information Access (PIA) process.
To make a request, please complete our online request form:
[3]https://www.ndis.gov.au/about-us/policie...
Please contact us at [4][email address] if you have any
questions or require help.
Other enquiries
If your message is for something else, you should direct it to
[5][email address].
If your message is received outside our business hours of 9am to 5pm
(AEST), Monday to Friday or on a public holiday, we will action it on the
next business day.
If your message is urgent, you can call our National Conact Centre on 1800
800 110.
Warm regards
NDIA FOI Team
Email: [6][email address]
**********************************************************************
IMPORTANT: This e-mail is for the use of the intended recipient only and
may contain information that is confidential, commercially valuable and/or
subject to legal or parliamentary privilege. If you are not the intended
recipient you are notified that any review, re-transmission, disclosure,
dissemination or other use of, or taking of any action in reliance upon,
this information is prohibited and may result in severe penalties. If you
have received this e-mail in error please notify the sender immediately
and delete all electronic and hard copies of this transmission together
with any attachments. Please consider the environment before printing this
e-mail
**********************************************************************
References
Visible links
1. https://www.ndis.gov.au/about-us/policie...
2. mailto:[NDIA request email]
3. https://www.ndis.gov.au/about-us/policie...
4. mailto:[email address]
5. mailto:[email address]
6. mailto:[email address]
Dear Shirley
Freedom of Information Request: Acknowledgement
Thank you for your request of 8 July 2021, under the Freedom of
Information Act 1982 (FOI Act) for copies of documents held by the
National Disability Insurance Agency (NDIA).
Scope of your request
You have requested access to the following documents about the National
Disability Insurance Scheme (NDIS):
“Please provide a copy of the NDIA Document Storage, Archive and Retrieval
Policy and Procedure. That is, the specific NDIA policy and procedure for
the capture, recording, storage, archiving and retrieval of public
information and documents as a Commonwealth Agency."
Unless you advise otherwise, we will take it that you agree to the names
and contact details of NDIA staff being excluded from the scope of your
request (that is, the information will be treated as irrelevant).
Processing timeframes
We received your request on 8 July 2021 and the 30-day statutory period
for processing your request commenced from the day after that date. You
should therefore expect a decision from us by 9 August 2021.
The period may be extended if we need to consult with third parties or for
other reasons. We will advise you if this happens.
Charges
We may apply a processing charge to your request and will advise you as
soon as practicable if a charge is payable..
Disclosure Log
Information released under the FOI Act may be published on the NDIA’s
disclosure log located on our website, subject to certain exceptions.
If you have any concerns about the publication of information you have
requested, please contact us.
Further help
Please contact us at [1][NDIA request email] if you have any questions or need
help.
We will contact you using the email address you provided. Please advise if
you would prefer us to use an alternative means of contact.
Yours sincerely
Freedom of Information Officer
Parliamentary, Ministerial and FOI Branch
Government Division
National Disability Insurance Agency
E: [2][NDIA request email]
[3]Title: NDIS delivered by the National Disability Insurance Agency
The NDIA acknowledges the Traditional Custodians of Country throughout
Australia and their continuing connection to land, sea and community. We
pay our respects to them and their cultures and to Elders past, present
and emerging.
-----Original Message-----
From: Shirley <[FOI #7572 email]>
Sent: Thursday, 8 July 2021 4:27 PM
To: foi <[NDIA request email]>
Subject: Freedom of Information request - NDIA Document Storage, Archive
and Retrieval Policy and Procedure
Dear National Disability Insurance Agency,
Please provide a copy of the NDIA Document Storage, Archive and Retrieval
Policy and Procedure. That is, the specific NDIA policy and procedure for
the capture, recording, storage, archiving and retrieval of public
information and documents as a Commonwealth Agency.
Context:
“Information management standards help Australian Government agencies to
create and manage business information effectively. Know which standards
apply to your agency and how to implement them” [4] so as to build trust
in public record keeping. More specifically, “The Building trust in the
public record: managing information and data for government and
community policy came into effect on 1 January 2021. The policy identifies
key requirements for managing Australian Government information assets
(records, information and data). It helps Australian Government agencies
improve how they create, collect, manage and are able to use information
assets. The Australian Government relies on well-managed information to
better support, protect and serve the community” [5]. All of which seem
aimed at “reducing areas of information management inefficiency and risk”
[6], especially where cloud, storage and retainment issues are concerned
[7] or transferred to National Archives.
The National Archives Act seemingly specifies the information record
storage and retention requirements for Commonwealth entities [1]. The
Information Management Standard for Australian Government [2] provides
further specific guidance (including citing the National Archives Act
1983) on well-managed business information with Government. In particular,
8 guiding principles. They are:
1. Business information is systematically governed
2. Necessary business information is created
3. Business information is adequately described
4. Business information is suitably stored and
preserved
5. How long business information should be kept is
known
6. Business information is accountably destroyed
or transferred
7. Business information is saved in systems where
it can be appropriately managed
8. Business information is available for use and
reuse [3]
In short, there seems to be a significant emphasis and requirement for
Commonwealth entities to effectively store, archive and retrieve public
information, data and documents. The Office of the Australian Information
Commissioner (OAIC) has also provides specific advice to ensure
information and risks have been adequately mitigated [8]. This would also
seem to have been significantly emphasised by the National Archives too
[9], especially when it come to metadata. IN sum, there is a significant
information governance framework [10], supported but a suite of
international standards such as ISO 16175 - Process and Functional
Requirements for Managing Records and ISO 15489 Records Management [11].
ISO 15489 in particular relates to “a) records, metadata for records and
records systems; b) policies, assigned responsibilities, monitoring and
training supporting the effective management of records; c) recurrent
analysis of business context and the identification of records
requirements; d) records controls; e) processes for creating, capturing
and managing records.” [12]. Overall, there seems to be a clear,
consistent emphasis on effective and efficient storage and retrieval of
Government documents and information.
As part for the Data Interoperability Maturity Model [13] , the National
Archives of Australia asserts that “All Australian Government agencies
should have assigned responsibilities at a senior executive level for a
CIGO to support enterprise-wide information governance. A dedicated role
for senior executive represents a best practice approach“ [14]. It would
therefore stand to reason that the NDIA has both a CIGO and supporting
policies and procedures. Which forms the focus of this request. In
particular, to understand why a relatively simple public document
retrieval request, taking no more than a few minutes to complete in most
other Government Agencies or private corporations, would take the NDIA
longer than 30 days to complete. For example:
1. FOI 20/21-0856 NDIA Risk assessment for the Independent
Assessments (IA) pilot [17]
2. FOI 20/21-0854 NDIA’s current Risk Management
Policy/ies and Procedures and Procurement Risk Management
Policy/procedures
3. FOI 20/21-0853 NDIA’s current Investigations
Policy/ies and Procedures [20]
4. FOI 20/21-08551 NDIA’s Pandemic/epidemic risk
assessment for NSW and VIC [19]
5. FOI 20/21-0848 NDIA’s Pandemic Plan for NSW and
VIC [18]
6. FOI 20/21-0843 NDIA’s Risk Management
Framework, Audit/Risk Committee Minutes of Meeting, Risk Management
Declaration and Risk Management Strategies [22]
7. FOI 20/21-0879 NDIA Project Risk Management
Framework, Fraud Risk Assessment, Risk Maturity Level 4 and Risk Champion
training [15]
8. FOI 20/21-0882 NDIA Enterprise Risk Management
Framework, NDIA Risk Management Strategy approved by COAG [21]
9. FOI 20/21-0885 NDIA Insurance Principles and
Strategic Risks
11. FOI 20/21-0877 NDIA Annual and Quarterly
Attestation Reports [16]
While consistent with the very broad FOI 30 day extension request [23], 30
days seems more than ample to find and release an electronic public
document. In short, an extension seems largely unnecessary. As a result,
the NDIA document storage, archive and retrieval policy and procedure will
go a long way to informing and clarifying the process.
Thank you for your assistance.
Yours faithfully,
Shirley
References:
1. Archives Act 1983 (2021) Compilation No. 43. Available at: ,
[4]https://www.legislation.gov.au/Details/C...> Accessed [8 Jul 21]
2. National Archives of Australia (2021)
Information Management Standard for Australian Government, Australian
Government, Available at:
<[5]https://www.naa.gov.au/information-manag...>.
Accessed [8 Jul 21]
3. Ibid
4. National Archives of Australia (2021)
Information Management Standard, Available at: <
[6]https://www.naa.gov.au/information-manag...>.
Accessed [8 Jul 21]
5. National Archives of Australia (2021) Building
trust in the public record policy, Available at: <
[7]https://www.naa.gov.au/information-manag...
>. Accessed [8 Jul 21]
6. National Archives of Australia (2021) Building
trust in the public record policy: Managing information and data for
government and community, Available at:
<[8]https://www.naa.gov.au/sites/default/fil...>
Accessed {8 Jul 21]
7. Ibid, Page 7 & 11
8. OAIC (2018) Guide to Security Personal
Information, Office of the Australian Information Commissioner, Australian
Government, Available at: <
[9]https://www.oaic.gov.au/privacy/guidance...>.
Accessed [8 Jul 21]
9. NAA (2015) Australian Government Record-keeping
Metadata Standard, National Archives of Australia, Australian Government,
Available at:
<[10]https://www.naa.gov.au/sites/default/fil...>.
Accessed [ 8 Jul 21]
10. National Archives of Australia (2021)
Establishing an information governance framework, Australian Government,
Available at:
<[11]https://www.naa.gov.au/information-manag...>.
Accessed [ 8 Jul 21]
11. Ibid
12. ISO 15489-1:2016 Information and Documentation -
Records Management - Part 1: Concepts-and Principles, Available at: <
[12]https://www.iso.org/standard/62542.html>. Accessed [8 Jul 21]
13. National Archives of Australia (2021) Data
interoperability Maturity Model, Australian Government, Available at: <
[13]https://www.naa.gov.au/information-manag...>.
Accessed [8 Jul 21]
14. National Archives of Australia (2021) Chief
information governance officer (CIGO), Australian Government, Available
at: <
[14]https://www.naa.gov.au/information-manag...>.
Accessed [8 Jul 21]
15.
https://www.righttoknow.org.au/request/n...
16.
https://www.righttoknow.org.au/request/n...
17.
https://www.righttoknow.org.au/request/n...
18.
https://www.righttoknow.org.au/request/n...
19.
https://www.righttoknow.org.au/request/t...
20.
https://www.righttoknow.org.au/request/n...
21.
https://www.righttoknow.org.au/request/t...
22.
https://www.righttoknow.org.au/request/n...
23. OAIC (2012) Extension of time for processing
requests, Office of the Australian Information Commissioner, Australian
Government, Available at: <
[15]https://www.oaic.gov.au/freedom-of-infor...>.
Accessed [8 Jul 21]
-------------------------------------------------------------------
Please use this email address for all replies to this request:
[FOI #7572 email]
Is [16][NDIA request email] the wrong address for Freedom of Information
requests to National Disability Insurance Agency? If so, please contact us
using this form:
https://www.righttoknow.org.au/change_re...
This request has been made by an individual using Right to Know. This
message and any reply that you make will be published on the internet.
More information on how Right to Know works can be found at:
https://www.righttoknow.org.au/help/offi...
Please note that in some cases publication of requests and responses will
be delayed.
If you find this service useful as an FOI officer, please ask your web
manager to link to us from your organisation's FOI page.
-------------------------------------------------------------------
**********************************************************************
IMPORTANT: This e-mail is for the use of the intended recipient only and
may contain information that is confidential, commercially valuable and/or
subject to legal or parliamentary privilege. If you are not the intended
recipient you are notified that any review, re-transmission, disclosure,
dissemination or other use of, or taking of any action in reliance upon,
this information is prohibited and may result in severe penalties. If you
have received this e-mail in error please notify the sender immediately
and delete all electronic and hard copies of this transmission together
with any attachments. Please consider the environment before printing this
e-mail
**********************************************************************
References
Visible links
1. mailto:[NDIA request email]
2. mailto:[NDIA request email]
4. https://www.legislation.gov.au/Details/C...
5. https://www.naa.gov.au/information-manag...
6. https://www.naa.gov.au/information-manag...
7. https://www.naa.gov.au/information-manag...
8. https://www.naa.gov.au/sites/default/fil...
9. https://www.oaic.gov.au/privacy/guidance...
10. https://www.naa.gov.au/sites/default/fil...
11. https://www.naa.gov.au/information-manag...
12. https://www.iso.org/standard/62542.html
13. https://www.naa.gov.au/information-manag...
14. https://www.naa.gov.au/information-manag...
15. https://www.oaic.gov.au/freedom-of-infor...
16. mailto:[NDIA request email]
Dear foi,
Just checking on this request from 8 Jul 21. Did I miss an update or email?
Yours sincerely,
Shirley
Thank you for contacting the National Disability Insurance Agency (NDIA).
Freedom of Information
If your message is a request for access to documents under the
Freedom of Information Act 1982 (FOI Act), we will acknowledge it within
14-days of receipt. We may be in touch with you sooner if your request is
too large or vague.
We are committed to processing all requests as quickly as possible. We
will keep in regular contact with you, especially if there's any delay in
making a decision.
Further information about FOI is available on our website:
[1]https://www.ndis.gov.au/about-us/policie...
Please contact us at [2][NDIA request email] if you have any questions or
require help.
Participant Information Access
If you are an NDIS participant and you are seeking access to your own
personal information, you can make a request online under our Participant
Information Access (PIA) process.
To make a request, please complete our online request form:
[3]https://www.ndis.gov.au/about-us/policie...
Please contact us at [4][email address] if you have any
questions or require help.
Other enquiries
If your message is for something else, you should direct it to
[5][email address].
If your message is received outside our business hours of 9am to 5pm
(AEST), Monday to Friday or on a public holiday, we will action it on the
next business day.
If your message is urgent, you can call our National Conact Centre on 1800
800 110.
Warm regards
NDIA FOI Team
Email: [6][email address]
**********************************************************************
IMPORTANT: This e-mail is for the use of the intended recipient only and
may contain information that is confidential, commercially valuable and/or
subject to legal or parliamentary privilege. If you are not the intended
recipient you are notified that any review, re-transmission, disclosure,
dissemination or other use of, or taking of any action in reliance upon,
this information is prohibited and may result in severe penalties. If you
have received this e-mail in error please notify the sender immediately
and delete all electronic and hard copies of this transmission together
with any attachments. Please consider the environment before printing this
e-mail
**********************************************************************
References
Visible links
1. https://www.ndis.gov.au/about-us/policie...
2. mailto:[NDIA request email]
3. https://www.ndis.gov.au/about-us/policie...
4. mailto:[email address]
5. mailto:[email address]
6. mailto:[email address]
Dear Shirley
Thank you for your request for information.
Please find attached correspondence and documents in relation to your
request. If you require these in a different format, please let us know.
Please contact us at [1][NDIA request email] if you have any questions or
require help.
Thank you.
Kind regards
Freedom of Information Officer
Parliamentary, Ministerial and FOI Branch
Government Division
National Disability Insurance Agency
E: [2][NDIA request email]
[3]Title: NDIS delivered by the National Disability Insurance Agency
The NDIA acknowledges the Traditional Custodians of Country throughout
Australia and their continuing connection to land, sea and community. We
pay our respects to them and their cultures and to Elders past, present
and emerging.
**********************************************************************
IMPORTANT: This e-mail is for the use of the intended recipient only and
may contain information that is confidential, commercially valuable and/or
subject to legal or parliamentary privilege. If you are not the intended
recipient you are notified that any review, re-transmission, disclosure,
dissemination or other use of, or taking of any action in reliance upon,
this information is prohibited and may result in severe penalties. If you
have received this e-mail in error please notify the sender immediately
and delete all electronic and hard copies of this transmission together
with any attachments. Please consider the environment before printing this
e-mail
**********************************************************************
References
Visible links
1. mailto:[NDIA request email]
2. mailto:[NDIA request email]
Our reference: RQ21/02731
Agency reference: FOI 21/22-0034
Shirley
Sent by email: [1][FOI #7572 email]
Extension of time under s 15AC
Dear Shirley
Please find attached a decision of today’s date for an extension of time
from the National Disability Insurance Agency.
Yours sincerely
[2][IMG] Rochelle Dunlop | Review and
Investigation Advisor
Investigations and Compliance
Freedom of information
Regulatory Group
Office of the Australian
Information Commissioner
GPO Box 5218 Sydney NSW 2001 |
[3]oaic.gov.au
+61 2 9284 9783 |
[4][email address]
[8]Subscribe [9]Subscribe to
[5]Facebook | [6]LinkedIn | [7]Twitter | icon Information
Matters
[10]Graphical user interface, application Description automatically
generated
***********************************************************************
WARNING: The information contained in this email may be confidential.
If you are not the intended recipient, any use or copying of any part
of this information is unauthorised. If you have received this email in
error, we apologise for any inconvenience and request that you notify
the sender immediately and delete all copies of this email, together
with any attachments.
***********************************************************************
References
Visible links
1. mailto:[FOI #7572 email]
2. https://www.oaic.gov.au/
3. https://aus01.safelinks.protection.outlo...
4. mailto:%[email address]
5. https://aus01.safelinks.protection.outlo...
6. https://aus01.safelinks.protection.outlo...
7. https://aus01.safelinks.protection.outlo...
9. https://www.oaic.gov.au/media-and-speech...