The Australian Privacy Commissioner, Karen Curtis, has published an information sheet to assist organisations in investigating privacy complaints they receive.

A step-by-step guide to internal investigations of privacy complaints by organisations (pdf) covers a number of steps to undertake when dealing with a privacy complaint, such as:

• determining if the complaint is about "personal information" as defined by the Privacy Act
• identifying the Privacy Principle the complaint relates to
• applying the law to the facts of the case
• communicating effectively with the complainant
• looking at any systemic procedural or policy issues the complaint raises.