Introduction

Summary

Data integration increases the value of Commonwealth datasets by combining them to create more comprehensive information about Australia. Currently, data integration and the risks of integration are managed inconsistently across the Commonwealth. The arrangements for the integration of Commonwealth data were proposed in 2010 to manage the risks of data integration. Their purpose is to encourage Commonwealth agencies to share their data for linking purposes in an effective and safe way. Consistent and robust processes were proposed to increase Commonwealth agencies’ confidence in data integration projects, in particular the management of systemic risk.

The purpose of the risk assessment is to help Commonwealth agencies assess the level of risk of data integration projects as part of determining if a project should proceed and whether an accredited integrating authority is required to manage the integration project.

The risk assessment is only one element that needs to be considered in making a decision on whether to proceed with a project. Data custodians need first to consider whether a project is appropriate and supported by the agency, taking the level of community acceptance, cost/benefit and political considerations of the project into account.

The risk assessment process involves the development of two risk assessments. The initial risk assessment assesses the risk of the data integration project against criteria specified by the Cross Portfolio Data Integration Oversight Board (the pre-mitigation risk assessment). A subsequent risk assessment assesses the residual risk after accounting for risk mitigation strategies (the post-mitigation risk assessment). The risk assessments are compiled either by a lead data custodian appointed by the data custodians for the project, or jointly by all the data custodians (as appropriate given the legislative environment), and may include input provided by one or more integrating authorities and data users. These two assessments are then submitted as part of project registration. The Oversight Board is able to review the risk assessments to ensure they are undertaken accurately and consistently across agencies, and provide advice to agencies on how they could manage risk.

These guidelines ensure that only truly ‘high’ risk projects require the use of accredited Integrating authorities (IAs), reinforcing the aim of the arrangements to encourage and enable greater sharing of Commonwealth data in an effective and systemically safe way.

Purpose

The purpose of the Guidelines is to help Commonwealth agencies assess the level of risk of data integration projects. This assists data custodians in determining if a project should proceed and whether an accredited integrating authority is required to manage the project. An accredited integrating authority is required if, even once risk mitigation strategies are put in place, there is a ‘high’ risk of harm to data providers (including persons, families, households or organisations who have contributed data) or a loss of public trust in the Australian Government or its institutions.

Background

Data integration combines information from different data sources to produce new datasets. In 2010, the Secretaries Board endorsed a set of principles that govern the integration of Commonwealth data for statistical and research purposes, as well as a set of governance and institutional arrangements to support these principles. This paper introduces the revised risk framework guidelines (the Guidelines) that enable Commonwealth data to be safely integrated.

Whether a project should proceed

The risk assessment is only one element that needs to be considered by agencies in deciding if a project should proceed. Other critical decisions are whether benefits outweigh costs, the level of community acceptance of a project and contextual issues. Contextual issues relate to the political, social and economic landscapes. A project also requires the support of data custodians. The appropriateness of a project may be influenced by whether the project is legally required, is a decision of government or meets a broad community need.

Privacy concerns have a strong bearing on community acceptance of a project. These concerns are influenced by the perceived sensitivity of the data being used. Public trust in government may be negatively impacted by projects integrating data people perceive to be sensitive or for a purpose they do not support. An assessment on the likely public perception of integration is therefore important. Transparent processes and community engagement will reduce the concerns the public have in integration projects (Endnote 1).

While a decision on whether to proceed with an integration project should be based on all of these elements, this risk framework focuses on assessing the risk of a breach of confidentiality and privacy. Breaches have negative consequences for public trust in government and for individuals and organisations that are affected by the breaches.