If you are not satisfied with how the CTP Insurer handled your complaint, you can contact the CTP Regulator for information about steps you can take.
The Commonwealth Privacy Commissioner is the appropriate person to investigate complaints about any breaches of the Commonwealth Privacy Act 1988 and the Australian Privacy Principles.
The CTP Regulator’s role
The Regulator’s role is to monitor CTP Insurer performance against state based legislation and the CTP Insurer’s contracts with the State. The Regulator’s role does not include regulating and monitoring behaviour against Commonwealth privacy laws, including the Australian Privacy Principles.
Response to breaches of privacy under the Regulator Rules
CTP Insurers are required to immediately inform the Regulator of any actual or suspected unauthorised access, use, disclosure or loss of personal information.
The Regulator reviews the details of the situation and determines if there has been a breach of contractual obligations about managing personal information.
If the Regulator determines a privacy breach has occurred, depending on the circumstances and severity, it may impose a financial sanction on the CTP Insurer.