Skip to main content

Data Integration Projects

Confidentiality Information Series

Part 3 - Managing the risk of disclosure: The Five Safes Framework

Meeting legislative obligations

Agencies protect the secrecy of information by implementing policies and procedures that address all aspects of data protection.

They do this by ensuring that identifiable information about individuals and organisations:

  • is not released publicly;
  • is available to authorised people on a need to know basis only;
  • cannot be derived from disseminated data; and
  • is maintained and accessed securely.

Privacy legislation

The Privacy Act 1988 sets out people’s rights in relation to the collection, use and sharing of information that they provide to the Commonwealth and ACT governments. These governments are bound to privacy protections under the Information Privacy Principles of the Act.

Some private sector organisations, and all health service providers, are bound by rules of conduct called the National Privacy Principles, outlined in Schedule 3 of the Act.

State and territory government agencies, except Western Australia, are bound by their state privacy legislation. Currently, various confidentiality provisions and privacy principles provided in the Freedom of Information Act 1992 apply to Western Australian government agencies.

Information Privacy Principles

The Information Privacy Principles for Commonwealth and ACT government agencies cover:

  • how personal information is collected;
  • the storage and security of personal information;
  • accuracy and completeness of personal information;
  • the use of personal information and its disclosure to third parties; and
  • the general right of individuals to access and correct their own records.

National Privacy Principles

The National Privacy Principles for business cover:

  • what an organisation should do when collecting personal information;
  • the use and disclosure of personal information;
  • information quality and security;
  • openness;
  • the general right of individuals to access and correct their own records; and
  • rules around sensitive information (e.g. health, racial or ethnic background, or criminal record).

Examples

Example 1: Social Security (Administration) Act 1999

The confidentiality provisions in the Social Security (Administration) Act 1999 prohibit any person from misusing information about a person that is, or was, held in government records for social security purposes. The provisions specify offences related to the unauthorised disclosure or use of protected information. They also specify circumstances where obtaining, recording, disclosing, or otherwise using protected information may be authorised. The penalty for breaking the confidentiality provisions is up to two years imprisonment.

Reference: Social Security Act 1991 and Social Security (Administration) Act 1999 Part 5 Division 3 Confidentiality.

Example 2: Australian Institute of Health and Welfare Act 1987

The provisions of the Australian Institute of Health and Welfare (AIHW) Act 1987 ensure that data collections managed by AIHW are kept under strict conditions with respect to confidentiality. The penalty for breaking the confidentiality provisions is $2,000 or imprisonment for 12 months, or both. The AIHW Act 1987 provides for AIHW to release health and welfare-related data for research purposes, with the approval of the AIHW Ethics Committee, under certain terms and conditions. However, AIHW is also subject to the Privacy Act 1988, which restricts AIHW’s ability to release identifiable data about living individuals.

The combined effect of these Acts is that AIHW may make health data about living individuals available for research with the approval of the AIHW Ethics Committee, provided certain terms are met. Release of identifiable welfare data may only be approved by the AIHW Ethics Committee in respect of deceased individuals. Under Section 29 of the AIHW Act, a person to whom such information is divulged for any reason is subject to the same confidentiality obligations as apply to AIHW staff.

Reference: Australian Institute of Health and Welfare Act 1987, Section 29.

Example 3: Taxation Administration Act 1953

The disclosure of information about the tax affairs of a particular entity is prohibited except in certain specified circumstances under the Taxation Administration Act 1953. Those exceptions are designed to meet the principle that disclosure of information should be permitted only if the public benefit derived outweighs the entity’s privacy. The penalty for breaking these provisions of the Taxation Act is two years imprisonment.

Reference: Taxation Administration Act 1953, Schedule 1, Division 355, Confidentiality of taxpayer information.

Example 4: Census and Statistics Act 1905

The Census and Statistics Act 1905 gives the Australian Bureau of Statistics (ABS) authority to collect data for statistical purposes. Under this Act, information supplied to the ABS cannot be published or disseminated in a manner that is likely to enable the identification of a particular person or organisation. The Act contains provisions obliging past and present employees of the ABS to maintain the secrecy of data collected under the Census and Statistics Act. A fine of up to $20,400, or a penalty of two years imprisonment, or both, applies to an unauthorised disclosure of information collected under the Act.

Reference: Census and Statistics Act 1905, Sections 12 and 19.

Example 5: High Level Principles for Data Integration Involving Commonwealth Data for Statistical and Research Purposes

Commonwealth Portfolio Secretaries have endorsed a set of principles for a safe and effective environment for data integration involving Commonwealth data for statistical and research purposes. Principle six, Preserving Privacy and Confidentiality, says that policies and procedures used in data integration must minimise any potential impact on privacy and confidentiality. For example, access to potentially identifiable data for statistical and research purposes outside secure and trusted institutional environments should only occur where: legislation allows; it is necessary to achieve the approved purposes; and it meets agreements with source data agencies.