|Page tools: Print Page Print All|
WHAT IS CONFIDENTIALITY AND WHY IS IT IMPORTANT?
Maintaining confidentiality (i.e. protecting secrecy, privacy and identity) is essential to preserving public trust in data custodians – the agencies that collect, manage and release data.
THE OBLIGATION TO MAINTAIN CONFIDENTIALITY
Australian Government agencies collect data from individuals and organisations as a standard part of their activities. There is a legal and ethical responsibility for agencies to respect and maintain the secrecy, privacy and identity of those providing the information.
In practice, this means implementing policies and procedures that address all aspects of data protection. Agencies should ensure that identifiable information:
The obligation to keep confidential the identities and characteristics of people and organisations is primarily reflected in laws governing the collection, use and dissemination of information. These laws include, for example:
These and other pieces of legislation have different terminology for the process of making data available in a safe manner. However, they all require reasonable steps to be taken to limit the likelihood of an individual person or organisation being re-identified in any data that is released. Penalties apply if the secrecy provisions set out in these Acts are breached. For example, the Census and Statistics Act stipulates criminal penalties for enabling the likely identification of an individual or organisation.
In Australia, data protections are recognised in the Privacy Act 1988.
The Act sets out people’s rights in relation to the collection, use, sharing and retention of information they provide to the Commonwealth. The Privacy Act also establishes the Australian Privacy Principles (APPs) which outline how most Australian Government agencies, all private sector and not-for-profit organisations with an annual turnover of more than $3 million, all private health service providers and some small businesses must treat personal information. Importantly APP 6 limits the disclosure of personal information. Personal information is defined in s 6(1) of the Privacy Act as:
‘information or an opinion about an identified individual, or an individual who is reasonably identifiable:
Government agencies in the Northern Territory, ACT and most Australian states are bound by privacy legislation specific to their state or territory. Agencies in Western Australia are bound by the confidentiality provisions and privacy principles in the Freedom of Information Act 1992 (WA); while South Australia has an Information Privacy Principles Instruction administered by the Privacy Committee of South Australia.
Organisations will often have policies and principles that outline additional, non-legislative requirements for maintaining confidentiality.
In the government sector, these documents set standards for employee behaviour and provide advice on the protocols and procedures for managing information safely. For example, the APS Values and Code of Conduct explain the high levels of ethical behaviour required of Commonwealth Government employees. Agencies planning to integrate datasets can find principle-based obligations in the High Level Principles for Data Integration Involving Commonwealth Data for Statistical and Research Purposes.
Finally there is a public expectation that agencies will treat information about individuals and organisations with respect and manage it appropriately.
MANAGING DATA CONFIDENTIALITY
This series focusses on practical advice for data custodians once a decision has been made to release a dataset; the question of whether a dataset should be released is not covered.
With the increasing demand for all government agencies to provide access to their datasets, there is more need than ever to protect and manage confidentiality, while making data available in a form suitable for decision making, research and policy development. Many agencies that collect data, including the Australian Bureau of Statistics (ABS), have long and proven experience in managing data confidentiality.
All data custodians must carefully consider confidentiality requirements (i.e. secrecy, privacy and identity) before the release of any data, whether aggregate or microdata.
A CONTEXTUAL APPROACH TO CONFIDENTIALITY
As mentioned above, legislation enables data to be released provided reasonable steps are taken to prevent re-identification. This series advocates for a contextual approach to confidentiality. This means that as long as the practical result (of processes applied) is that the confidentiality of individuals or organisations is not breached, then the legal and ethical requirements are satisfied. Processes used to achieve this are heavily dependent on the surrounding context (or manner) in which the data are released. In order to maintain confidentiality each of the following should be considered:
The Privacy Act supports this contextual approach to maintain confidentiality of the data is protects (ie personal information). The notion of ‘identifiability’ is central to the operation of the Privacy Act, although there is no formal definition of when an individual is ‘identifiable’ or ‘reasonably identifiable’ in a dataset. The Office of the Australian Information Commissioner sets out a number of factors that organisations should consider when determining the identifiability of data they hold (Privacy business resource 4: De-identification of data and information) as well as providing guidance on ‘what is personal information’. Importantly these resources show that determining whether any data subjects are ‘reasonably’ identifiable in a dataset requires a contextual consideration of the particular circumstances of the case, including:
In some circumstances, this contextual approach may mean that a focus on treating the data will be the only practical option (such as when data are made publicly available on a website). In other circumstances, controls on the environment in which data are to be accessed, used or released may play a larger role. Understanding this context will inform decisions about what level of treatment is required for a data release.
Other context controls could include:
For example, the ABS applies this contextual approach to confidentiality using the Five Safes Framework in order to provide researchers with secure access to detailed microdata within the ABS DataLab. A similar approach is taken by the Sax Institute in their Secure Unified Research Environment (SURE).
More detail on contextual considerations when providing access to data can be found in Part 3: Managing the risk of disclosure: the Five Safes Framework.
These documents will be presented in a new window.
1160.0 - ABS Confidentiality Series, Aug 2017
Latest ISSUE Released at 11:30 AM (CANBERRA TIME) 23/08/2017 First Issue