This decision concerns the question of whether the applicant applied for internal review of alleged conduct under the Privacy and Personal Information Protection Act 1998 (NSW) and the Health Records and Information Privacy Act 2002 (NSW) within six months from the time she first became aware of the conduct. The Tribunal's jurisdiction to review her application depends upon her having applied to the respondent for internal review within that six month time frame.
[2]
BACKGROUND
The applicant has been a teacher and an employee of the respondent for over seventeen years. She has a workers compensation claim against the respondent. Officers of the respondent are required to provide medical certificates to the Work Health and Safety Directorate of the respondent on a regular basis, as part of the administration of her claim.
On 24 May 2013, the applicant claimed in email correspondence with officers of the respondent that her medical certificate dated 2 April 2013, which she said she faxed to the respondent on the same day, had been lost by the respondent.
On 1 July 2013, the respondent emailed the applicant an internal review application form.
On 5 July 2013, the applicant applied for an internal review, under the Privacy and Personal Information Protection Act, of the following conduct:
1. The loss of her medical certificate dated 2 April 2013, which she claims was faxed to the respondent on the same date;
2. The loss of her medical certificate dated 19 August 2011;
3. The recording of allegedly false information about the applicant by staff members of the respondent in an email dated 5 February 2008.
The applicant also sought review of "maladministration of my case," "breaches of privacy over several years," the respondent's refusal to accept medical certificates by registered mail, maladministration of the applicant's return to work plans and discrimination and bullying.
On the internal review application form, in response to the question "When did you first become aware of this conduct?," the applicant wrote ", until 1/7/13."
On 26 August 2013, the respondent wrote to the applicant explaining that it would not investigate conduct which occurred more than six months prior to her internal review application.
On 11 February 2014, an officer of the respondent completed the internal review. With respect to the medical certificate faxed on 2 April 2013, the officer found that the respondent had not breached a security principle (that is, information protection principle 5 or health privacy principle 5). With respect to the other conduct, the respondent determined that the application for internal review was made more than six months after the applicant first became aware of the conduct and the respondent would not allow further time for her to lodge the internal review application under s 53(3)(d) of the Privacy and Personal Information Protection Act.
The applicant filed her application in this Tribunal on 22 August 2014.
The respondent has raised two jurisdictional issues, the first being its contention that the application to the Tribunal was brought out of time. That issue was resolved in the applicant's favour in MJ v Department of Education and Communities [2015] NSWCATAD 23.
The second is its submission that the Tribunal lacks jurisdiction to review some of the conduct the subject of the applicant's application, because she sought internal review of that conduct more than six months after becoming aware of it. The parties agreed that that issue should be determined on the papers.
[3]
RELEVANT LEGISLATION
Part 5 of the Privacy and Personal Information Protection Act applies to the contravention by a public sector agency of an information protection principle that applies to the agency and to the contravention of a health privacy principle that applies to the agency (Privacy and Personal Information Protection Act, s 52(1)(a); Health Records and Information Privacy Act, s 21(1)(a)).
Section 53 of the Privacy and Personal Information Protection Act, which is in Part 5, provides in subsection (1) and paragraph (3)(d):
"(1) A person (the applicant) who is aggrieved by the conduct of a public sector agency is entitled to a review of that conduct.
(3) An application for such a review must:
(d) be lodged at an office of the public sector agency within 6 months (or such later date as the agency may allow) from the time the applicant first became aware of the conduct the subject of the application"
Section 55(1) of the Privacy and Personal Information Protection Act, which is also in Part 5, provides:
"55 Administrative review of conduct by Tribunal
(1) If a person who has made an application for internal review under section 53 is not satisfied with:
(a) the findings of the review, or
(b) the action taken by the public sector agency in relation to the application, the person may apply to the Civil and Administrative Tribunal for an administrative review under the Administrative Decisions Review Act 1997 of the conduct that was the subject of the application under section 53."
[4]
COLLATERAL ISSUES
The applicant raised a number of collateral issues, including that the respondent did not adhere to the Tribunal's timetables for the filing and service of submissions and evidence, and that the respondent allegedly failed to afford her procedural fairness when determining not to accept her internal review application on the basis that it was out of time. The Tribunal has determined to accept the respondent's submissions and evidence, notwithstanding the non-compliance with the timetable, and the procedural fairness issue is beyond its jurisdiction in these proceedings.
The applicant also complained about the time taken by the respondent to complete the internal review application. Whilst this is regrettable, it is not something the Tribunal has jurisdiction to consider or make orders about.
Further, the applicant contended that the Tribunal should consider "systemic" issues and the respondent's handling of privacy matters more generally. The Tribunal's jurisdiction is limited to reviewing the conduct the subject of the applicant's internal review application and it cannot undertake a more broad-ranging enquiry of the kind requested by the applicant.
[5]
SCOPE OF REVIEW
The applicant's internal review application raises various matters which are not capable of being "conduct" which may be reviewed under the privacy legislation (see Privacy and Personal Information Protection Act, s 52(1)). These are "maladministration of my case," the respondent's refusal to accept medical certificates by registered mail, maladministration of the applicant's return to work plans and discrimination and bullying. Accordingly, review of these complaints is not within the Tribunal's jurisdiction.
[6]
DID THE APPLICANT APPLY FOR INTERNAL REVIEW WITHIN TIME?
The Tribunal does not have power to review a decision of an agency not to accept an application for review out of time: MG v Director General, Department of Education and Training [2004] NSWADTAP 45 at [8]. However, the Tribunal has jurisdiction to consider whether an internal review application was in fact made out of time: EN v University of Technology, Sydney [2009] NSWADT 50 at [23].
The respondent accepts that the applicant's application for internal review, insofar as it related to the loss of her medical certificate dated 2 April 2013, was within time. However, it submits that the application was lodged more than six months after the applicant became aware of the remaining conduct the subject of her application (that is, the alleged loss of her medical certificate dated 19 August 2011 and the allegedly inaccurate information about her in an email of 5 February 2008).
[7]
Awareness of relevant events
The respondent submits that the applicant became aware of the alleged loss of her medical certificate dated 19 August 2011 on about 5 September 2011. It says that this is evidenced by an email from the applicant to an employee of the respondent, Ms O'Brien, on that date.
The respondent submits that the applicant became aware of the allegedly false statement in the email of 5 February 2008 on about 21 December 2010, as evidenced in an email from the applicant to Ms O'Brien on that date.
The applicant does not address in her material the issue of whether she was aware of the alleged loss of her medical certificate dated 19 August 2011 or the allegedly false statement in the email of 5 February 2008 more than six months before applying for internal review. Rather, she submits that she did not have knowledge of the conduct and its legal significance until 1 July 2013. She also says she had no knowledge of her right to an internal review until that date.
In the applicant's email to Ms O'Brien of 5 September 2011, the applicant reproduces the text of an email she previously sent to another staff member, in which she states, "I forwarded the WC Medical Certificate to Fax [number] after speaking with Kitty on 19.8.2011…. I was advised today that the IJM Unit has requested that I forward another copy."
I am satisfied that the certificate the applicant is referring to is the certificate of 19 August 2011 and that she was aware of the alleged loss of the certificate on 5 September 2011.
The applicant's email to Ms O'Brien on 21 December 2012 expressly refers to "Mr Taylor's false statement" allegedly made in his email of 5 February 2008. In the email of 21 December 2012, the applicant requests various remedies from the respondent including an amendment to records and to be treated fairly without victimisation and harassment "according to the DET Code of Conduct."
I am satisfied that the applicant was aware of the allegedly false statement made in the email of 5 February 2008 on 21 December 2010.
The applicant therefore had awareness of the relevant acts and omissions in relation to two of her claims more than six months prior to applying for internal review.
[8]
Awareness of legal significance of acts and omissions
As the respondent acknowledges, s 53(3)(d) of the Privacy and Personal Information Protection Act requires both knowledge of the relevant acts and omissions and of the legal significance of those acts and omissions: Department of Education and Training v EM [2011] NSWADTAP 4 at [14]-[15].
As indicated above, the applicant denies being aware of the legal significance of the respondent's conduct until 1 July 2013. She states: "I was unaware of the internal review process for privacy matters until I received a letter on 1 July 2013 form [sic]… the Legal Directorate in the Department…. Therefore the 6 month limit should begin as of 1 July 2013." She also states that she did not "have both knowledge of the conduct and the legal significance of the conduct" until 1 July 2013. The applicant states, further, that "[a]t no time prior to 1 July 2015 [sic] did I receive information that privacy issues were handled under different legislation." The context would suggest that she means legislation which is different from that governing work, health and safety. She also states that the officers who she dealt with concerning other complaints did not make her aware of the privacy legislation or provide her with information about privacy processes and procedures.
The applicant also submits that the evidence shows that she has always followed the advice of line managers concerning issues and complaints. She gives the example of following information given to her by her principal about exercising rights in relation to freedom of information, the Government Information (Public Access) Act 2009 (NSW), and public interest disclosures. She says that the fact that she immediately lodged an internal review application upon receiving the privacy internal review application form when it was emailed to her, indicates that she was not aware of the review process until 1 July 2013. The applicant states: "Once I am given information about my legal rights, advice and support, I then follow up."
The respondent contends that the applicant was aware of her rights under the privacy legislation at all relevant times. It relies upon the following evidence from the applicant's correspondence which it says indicates that she was "aware of her rights" prior to 1 July 2013:
1. A handwritten fax cover sheet from the applicant to the respondent dated 30 November 2007 containing the words: "Please confirm receipt of this to my home email address…. And confirm my request for privacy will be respected". It also contains the following statement: "CONFIDENTIAL: Please respect Health Privacy. No permission is given for this information to be released to any regional staff other than DET contact person…"
2. A fax to the Administrative Decisions Tribunal from the applicant on 19 May 2012, apparently sent in the course of proceedings brought by the applicant under the Government Information (Public Access) Act, in which the applicant notifies that tribunal that the respondent provided her with documents relating to a school student: "The Respondent has released all personal details of a court matter at Parramatta Court along with the name of the school student their date of birth, and the school they are to attend plus the Respondent solicitor's instructions. This document should never have been released to me. I regard this as a serious breach of privacy for this student." Later in the letter the applicant refers to the respondent's "lack of compliance with the Privacy legislation."
The applicant provided evidence of a letter sent to her by the respondent on 4 June 2012, in which the respondent asked her to destroy pages accidentally included with the report sent to the applicant "in order to prevent further privacy breaches." This letter is also relevant to the question of whether the applicant was aware of the legal significance of the respondent's conduct.
The applicant's email to the respondent, sent on 24 May 2013, which prompted the provision of an application for internal review to the applicant, displays an awareness of the obligations imposed on the respondent under the privacy legislation, prior to the receipt of the application form. The applicant requests in that email that a matter "be formally investigated re suspected breach of privacy and suspected maladministration."
The respondent relies upon further evidence which, it submits, establishes that the applicant must have been aware of her review rights at the time she became aware of the relevant conduct. It says that, as an employee of the respondent, the applicant was bound by the respondent's code of conduct, which referred to the privacy legislation and set out employees' obligations with respect to protecting confidential information, referring employees to information concerning privacy on the Department's Legal Services intranet site. It says that the code of conduct also provided that staff needed to be aware of, and to comply with the Privacy and Personal Information Protection Act. Further, under the code of conduct, the applicant was required to be aware of the complaints handling policy which referred to internal review under the Privacy and Personal Information Protection Act.
The respondent submitted that the nature of the employment relationship between the applicant and the respondent was such as to impose on the applicant obligations to be aware of the relevant provisions of the Privacy and Personal Information Protection Act, including the right to make an application for internal review. It said that the evidence established that the provisions of that legislation and the avenues for redress had been brought to the attention of the applicant, by the respondent, by numerous means.
The applicant disputes that she was aware of her privacy rights as a result of the respondent's policies, including the 2007 Code of Conduct. The applicant states that the 2007 Code of Conduct does not refer to the privacy legislation at all. The applicant also submits that the policy information is not easy to access, that there is no policy described as a "privacy policy" and that, when an employee logs on to the respondent's computers, the employee is provided with a link to the (outdated) 2006 Code of Conduct.
The respondent has tendered a copy of the 2007 Code of Conduct, which is in evidence, and which applied at the relevant times. It provides, in cl 40.1, "[s]taff need to be aware of and comply with the Privacy and Personal Information Protection Act 1988 and the DET Privacy Code of Practice. Particular care must be taken with the collection, storage, use and disclosure of personal information in order to protect individuals' privacy." The 2007 Code of Conduct does not refer to the Health Records and Information Privacy Act.
The 2010 Code of Conduct, which is also in evidence, makes provision in cl 17 for the handling of "confidential information" and "other people's personal information" but does not refer specifically to the privacy legislation. It does state, however, that "Information concerning privacy is available on the Department's Legal Services intranet site". The 2010 version of the Code of Conduct was published on the intranet in January 2010, where it remained until it was superseded by a 2014 version.
The respondent relies upon an affidavit made by a Communications and Technology Manager in the Legal Services Directorate of the respondent. The manager gives evidence that information about privacy and the making of privacy complaints has been available on the respondent's website since January 2006. In copies of the respondent's web pages annexed to the manager's affidavit, it is stated that both the Privacy and Personal Information Protection Act and the Health Records and Information Privacy Act require the Department to meet requirements in relation to collection, access, alteration, storage, use and disclosure of personal and health information.
The respondent also relies on the 2007 and 2011 versions of its Complaints Handling Policy and Complaints Handling Guidelines, which are in evidence. It says that employees are required to be aware of these under the Code of Conduct. The 2007 Complaints Handling Policy Guidelines provide that "[a]ll employees must observe the information protection principles of the Privacy and Personal Information Protection Act 1988". There is no equivalent provision in the 2011 version, but reference is made in both to applying for internal review. There is evidence that these policies were on the respondent's intranet at all relevant times.
[9]
Whether constructive knowledge is sufficient
The respondent submits that awareness of the legal significance of conduct within s 53(3)(d) of the Privacy and Personal Information Protection Act does not require actual awareness on the part of an applicant but extends to a situation where the applicant ought reasonably to have been aware of such legal significance. It says, to the extent that comments made in Department of Education and Training v EM [2011] NSWADTAP 4 at [13]-[15] suggest that constructive knowledge of the review rights is insufficient for the purposes of s 53(3)(d), these comments were obiter, and there are good reasons not to follow them. It submits that, were the test purely a subjective one, it would be all but impossible for a respondent to challenge an applicant's assertion that he or she was unaware of his or her rights at any point in time.
The respondent's submission that I should not follow the comments of the Appeal Panel of the former Administrative Decisions Tribunal ("ADT") in Department of Education and Training v EM [2011] NSWADTAP 4, to the extent that they suggest that constructive knowledge of the review rights is insufficient for the purposes of s 53(3)(d), requires me to consider the basis on which the Appeal Panel reached its decision in that case and the reasoning which informs it.
The decision relied upon by the ADT Appeal Panel to reach its conclusions that the words "became aware of the conduct" require knowledge of the relevant conduct and its legal significance, and that they refer to subjective awareness, was the High Court's decision in Deming No 456 Pty Ltd v Brisbane Unit Development Corporation Pty Ltd (1983) 155 CLR 129 ("Deming").
Deming concerned the question of whether a purchaser had "voided" a contract of sale of a property, by exercising rights under s 49 of the Building Units and Group Titles Act 1980 (Qld). It is necessary, in order to understand the decision in the case, to set out the terms of that provision in some detail. Section 49(1) of that Act required a proprietor to "give to the purchaser of a lot or of a proposed lot a statement in writing in compliance in every respect with the requirements of this section." Section 49(2) set out the requirements for a statement under that section. Section 49(3) provided that the statement was either required to be given to the purchaser before the purchaser signs the contract or included in the contract. Section 49(4) required the proprietor to give the purchaser a notice in certain specified circumstances. Section 49(5) provided, relevantly:
"If the original proprietor fails to give to a purchaser-
(a) a statement in compliance in every respect with subsections (1), (2) and (3); or
(b) a notice prescribed in subsection (4),
the purchaser may void the contract, agreement or other document signed by him in relation to the original proprietor by notice in writing given to the original proprietor within 30 days after he first becomes aware of the failure:…"
The statement which was included in the contract did not comply with s 49(2). A director of the purchaser executed the contract containing the defective statement in August 1981, but he neither realized what the statement under s 49 was, nor realized that such a statement was required to be given. The purchaser first became aware of the vendor's failure to comply with the obligation imposed by s 49(1), (2) and (3) in June 1982. The purchaser purported to void the contract within 30 days of the June 1982 date. The question was whether it had voided the contract "within 30 days after … first becom[ing] aware of the failure" within s 49(5)(b).
The plurality, Mason, Deane and Dawson JJ, considered (at 150) the question of "when it can be said, within the meaning of [s 49(5)], that a purchaser 'becomes aware' of a 'failure' by an original proprietor to give a statement in compliance in every respect with sub-ss. (1), (2) and (3) of s. 49" and commented:
"Knowledge that a thing has not been done at all necessarily amounts to knowledge that it has not been done in any of the ways in which it might have been done. But it does not amount to knowledge that the non-performance has the quality or character of a failure to comply with particular statutory provisions unless and until knowledge is acquired of those statutory provisions or of their relevant effect or of a conclusion that there has been a failure to comply with their terms. Thus, a person would not ordinarily be said to become aware of a 'failure' to give a statement in compliance with s. 49 until he becomes aware both of the obligation to give such a statement and of the fact it has not been given."
Their Honours concluded (at 151):
"that the words 'becomes aware of the failure' in s. 49(5) involve not only knowledge that a statement containing the specified material has not been given but an awareness that the fact that such a statement was not given constitutes a 'failure' to do something which the Act says should be done."
In Deming, the time limit was imposed by reference to a person's awareness of a failure to give a statement "in compliance" with specified statutory provisions. The High Court's conclusion that this required an awareness that the failure to provide a statement was a failure "to do something which the Act says should be done" depended upon the statutory context. The words "fails to give to a purchaser-…(a) a statement in compliance in every respect with subsections (1), (2) and (3)" (emphasis added) were critical, as they indicated that the failure, of which awareness was necessary, was a failure of a legal kind.
In s 53(3)(d) of the Privacy and Personal Information Protection Act, there is no reference to a statutory provision or to compliance with a statutory provision following the words "became aware of"; rather, the matter of which awareness is required is "the conduct the subject of the application". "Conduct" is not defined in that Act. However, s 52(1) and (2) of the Act provide for the conduct to which Part 5 applies, as follows:
"(1) This Part applies to the following conduct:
(a) the contravention by a public sector agency of an information protection principle that applies to the agency,
(b) the contravention by a public sector agency of a privacy code of practice that applies to the agency,
(c) the disclosure by a public sector agency of personal information kept in a public register.
(2) A reference in this Part to conduct includes a reference to alleged conduct."
Thus, when s 53(3)(d) provides that an internal review application must be lodged within 6 months (or such later date as the agency may allow) from the time the applicant first became aware of the conduct the subject of the application, the awareness referred to is of one or more of the types of conduct set out in s 52(1). In this case, it is awareness of the contravention (or alleged contravention) by a public sector agency of an information protection principle or of a health privacy principle which applies to the agency (Privacy and Personal Information Protection Act, s 52(1)(a) and (2); Health Records and Information Privacy Act, s 21(1)(a)). As in Deming, as a matter of statutory construction, the awareness required is not merely of a fact or event, but of the legal complexion of that fact or event.
It is therefore not possible to separate, as the respondent submits the Tribunal should do, the type of awareness required of the respondent's act or omission, and the type of awareness required of the legal significance of that act or omission. This is because the awareness is of "conduct," which is a concept combining a factual element (an action or omission by the agency) and its legal complexion (contravention or alleged contravention of a privacy principle).
The respondent's submission that constructive knowledge is sufficient in relation to knowledge of the legal consequences of an act or omission, because it would be all but impossible for a respondent to challenge an applicant's assertion that he or she was unaware of his or her rights at any point in time, does not provide a persuasive reason to adopt the construction sought. Whilst the consequences of a particular interpretation may be considered when construing a provision, the "task of statutory construction must begin with a consideration of the text itself" (Alcan (NT) Alumina Pty Ltd v Commissioner of Territory Revenue (2009) 239 CLR 27, Hayne, Heydon, Crennan and Kiefel JJ at 46-47 [47]). As Mason, Deane and Dawson JJ noted in Deming at 151, even drastic consequences of a particular interpretation "do not justify the adoption of an interpretation more favourable to [one party] unless the statutory language lends itself to such an interpretation."
In this case, the text requires that the word "aware" be given a single meaning in relation to its object, "conduct." Consistently with what the High Court decided in Deming and with what the ADT Appeal Panel held in Department of Education and Training v EM [2011] NSWADTAP 4, "aware" refers to subjective knowledge or actual, rather than constructive, knowledge.
[10]
Findings
The critical question is whether the applicant was aware, more than six months before she made her internal review application, that the respondent's actions or omissions could amount to a contravention by the respondent of a privacy principle. The respondent submits that the requirement that an applicant be aware of the legal significance of the conduct "cannot require anything more than that an applicant had general knowledge of such things." All that is required, in the respondent's submission, is a general awareness that the conduct potentially raises issues under privacy law and that there are avenues for redress.
The applicant's knowledge or otherwise of her right to apply for internal review is not, in my view, relevant to the question of whether the applicant was aware of the respondent's conduct. The relevant issue is whether the applicant was aware that the respondent's actions or omissions contravened, or possibly contravened, a privacy principle. I accept the respondent's submission that all that is required is a general awareness of this. Section 53(3)(d) does not, I consider, require a detailed understanding of privacy law before a person can be said to have "awareness" of conduct.
There are some facts and circumstances from which it can be inferred that the applicant was aware of the existence of privacy principles and privacy legislation prior to 1 July 2013. A finding of actual knowledge may be made by inference: Collins v Clarence Valley Council [2015] NSWCA 263 at [158].
The fax of 30 November 2007 in which the applicant refers to her "health privacy" suggests an awareness of the legislation governing health privacy (that is, the Health Records and Information Privacy Act) and some general knowledge of the principles under that Act. Similarly, the applicant's fax to the Administrative Decisions Tribunal on 19 May 2012, in which she concludes that the respondent's inadvertent disclosure of a third party's personal information was "a serious breach of privacy" and indicative of a "lack of compliance with the Privacy legislation," indicates a knowledge of that legislation and the privacy principles contained within it.
The respondent's letter to the applicant of 4 June 2012, which refers to the prevention of "further privacy breaches," is an acknowledgement from the respondent that its conduct is capable of being construed as a breach of privacy. This provided confirmation of the applicant's allegation that the respondent's conduct constituted a breach of privacy, and thus an acknowledgement that the applicant's application of privacy principles, in the particular context, was correct.
It is clear that the applicant had read at least part of the respondent's 2010 Code of Conduct by the end of 2012, because she refers to its contents in an email of 21 December 2012. That Code of Conduct contained references to the privacy legislation, which are set out above. The applicant has provided evidence that she made a complaint on 10 May 2011 about an employee of the respondent breaching the code of conduct which applied in 2006. It is likely that she was aware of the 2007 Code of Conduct, although there is no evidence that she read it in detail.
The Tribunal's general observation, having reviewed the policies relied upon by the respondent, is that they contain minimal information about privacy issues. There is specific information about privacy on the Department's intranet, but there is no direct evidence that the applicant read this.
The Tribunal infers, from the evidence of the correspondence between the applicant and the Administrative Decisions Tribunal and the applicant and the respondent, that the applicant was aware, by 21 December 2012, of the existence of the Privacy and Personal Information Protection Act 1988 and the Health Records and Information Privacy Act and of the privacy principles contained in that legislation, in general terms. The Tribunal also finds that the applicant was aware that the loss of a medical certificate containing personal and/or health information was capable of breaching a privacy principle and that the recording of false information was capable of breaching a privacy principle. The applicant's assessment, in 2012, that an act of the respondent constituted a "lack of compliance with the Privacy legislation," indicates both familiarity with that legislation and an ability, or claimed ability, to analyse what constitutes a breach of it.
The Tribunal accepts what the applicant wrote in her application form, that she was aware of the conduct by 30 November 2007, but unaware of the complaints process. It also accepts the applicant's evidence that the officers she dealt with in relation to her other complaints did not provide her with an internal review application form or draw her attention to the privacy legislation. However, their failure to do so does not negate the applicant's awareness of the privacy principles and the privacy legislation. It is not clear from the evidence how she gained this awareness. However, such awareness is consistent with the respondent's evidence that, as an employee of the respondent, the applicant was required to be aware of the privacy principles, and with its evidence that reference was made to privacy legislation and privacy principles in its policies and on its intranet at relevant times.
For these reasons, the Tribunal finds that the applicant's application for internal review was made more than six months after the applicant became aware of the respondent's conduct concerning the alleged loss of her medical certificate dated 19 April 2011 and the alleged inaccuracy of information in an email of 5 February 2008. Accordingly, the Tribunal does not have jurisdiction to review this conduct.
The matter is to be listed for a further planning meeting to provide a timetable for determining the applicant's application, insofar as it relates to the alleged loss of her medical certificate dated 2 April 2013.
I hereby certify that this is a true and accurate record of the reasons for decision of the Civil and Administrative Tribunal of New South Wales.
Registrar
DISCLAIMER - Every effort has been made to comply with suppression orders or statutory provisions prohibiting publication that may apply to this judgment or decision. The onus remains on any person using material in the judgment or decision to ensure that the intended use of that material does not breach any such order or provision. Further enquiries may be directed to the Registry of the Court or Tribunal in which it was generated.
Decision last updated: 18 September 2015