PLIDA Privacy Statement
Purpose
This statement outlines how personal information collected by the Australian Bureau of Statistics (ABS) or shared with the ABS by data custodian agencies will be treated as part of the Person Level Integrated Data Asset (PLIDA).
The statement outlines what personal information is collected and shared, and how it will be used in the project, as well as how people can apply to access or correct their personal information.
Authority to share personal information
PLIDA is a partnership among seven Australian Government agencies that brings important national datasets together securely to maximise their value for policy analysis, research, and statistical purposes.
The agencies are the Australian Bureau of Statistics, Australian Taxation Office, and the Departments of Education, Health and Aged Care, Home Affairs, and Social Services, and Services Australia.
Each agency involved in the PLIDA collects personal information related to its functions or activities. This information will be disclosed to the ABS for the PLIDA as authorised by law for policy analysis, research, and statistical purposes, consistent with the Privacy Act 1988. Each agency will assess the authority and purpose for disclosure of information to the ABS prior to disclosure. For the PLIDA, agencies only share information with the ABS that is necessary for approved uses such as linkage and analysis.
The ABS conducts the PLIDA in accordance with its mandate to collect, compile, analyse, and disseminate statistics established by the Australian Bureau of Statistics Act 1975 and the Census and Statistics Act 1905.
The collection and use of personal information in the PLIDA is consistent with legislation applying to the PLIDA agencies such as the Privacy Act 1988, including the Australian Privacy Principles and the Australian Government Agencies Privacy Code 2017, as well as their own legislation.
Visit the ABS website for more information on the data and legal authority for the PLIDA.
What personal information is used in the PLIDA
The PLIDA links information from a range of datasets relating to healthcare, education, government payments, personal income tax, and demographics. Only information that is necessary for an approved purpose is used (i.e. not whole datasets).
The ABS manages all data in the PLIDA consistent with processes required by law and best practice for handling personal information.
Personal information is used to link separate datasets together to produce integrated data for analysis by authorised researchers. Personal information is stored separately from other records and is managed in accordance with the Separation Principle. Access to analytical data is controlled according to the Five Safes Framework so that analysis is only done on data which is not likely to identify a person. Information on these management practices is provided below.
Personal information used in linkage (either in original form, or changed into an unrecognisable form to protect privacy) includes name, address, date of birth, and government identifiers. Other demographic information which does not directly identify a person (such as country of birth) may also be used to link datasets together where necessary to ensure high quality linked data.
Information used for analysis is unidentified (see note below). Variables include age, sex, date of birth, marital status, country of birth, languages spoken, housing tenure, educational qualifications, employment information, income and financial information, and use of healthcare and government support services.
The unidentified analytical data is used by authorised researchers to look at patterns and trends, providing a better understanding of the effectiveness of government policies, programs and services.
For more information on data in the PLIDA, visit the PLIDA data and legislation webpage. Information about data linkage processes can be found in the PLIDA (formerly known as MADIP) Privacy Impact Assessments.
Note relating to unidentified
Information is considered ‘unidentified’ when direct identifiers such as name and address are removed or altered into an unidentifiable form, and other factors (such as combination of variables) are managed to ensure a person is not reasonably identifiable. In addition, access is controlled (see below). This is in accordance with guidance issued by the Office of the Australian Information Commissioner.
Note relating to Census name information
The PLIDA does not use original names collected in the Census of Population and Housing, as this information has been destroyed (Census 2011) or irreversibly encoded prior to linkage in the PLIDA (Census 2016). For more information on the management of Census data, see Census Privacy, Confidentiality and Security or the Census Privacy Statement.
Management of and access to personal information
Access to PLIDA data is only provided to authorised users for approved purposes, within highly secure environments. The ABS manages all data in the PLIDA in accordance with legal and best practice standards for handling personal information.
The ABS applies the Separation Principle to store identifiable personal information separately from other information in the PLIDA, and to restrict access to personal information according to function. Functional separation involves allocating each person involved in the PLIDA a specific role (or function), and only providing access to information which is necessary for them to perform that role.
A person working on the PLIDA can only hold one role at a time, and no role has access to identifiable personal information (such as name and address) at the same time as other information (such as income or education level).
The roles involved in the PLIDA are librarian (prepares data for linkage), linker (links data together), assembler (creates files for analysis), and analyst (analyses linked data). There are also specific roles for people working with Census data in the PLIDA: Census name manager (encodes Census names to give to the linker), and Census librarian (prepares non-name Census information for linkage).
Only ABS officers (including officers seconded to the ABS) can perform the Census, librarian, linker, and assembler roles.
Analysts may be officers of the ABS or other government agencies, or non-government researchers who have been approved for access under the Five Safes Framework. The approval process involves assessment of the researcher, the purpose for accessing the information, the information requested, the environment in which access will be granted, and the outputs of their research to ensure that these circumstances meet confidentiality and privacy requirements. The approval process and any relevant training (such as security and confidentiality training for analysts using ABS DataLab) must be completed prior to an analyst being given access to any data.
All individuals who undertake these roles are legally obliged to use data responsibly for approved purposes only, comply with the conditions of access, and maintain confidentiality of data. Access to and use of PLIDA data are logged and monitored.
Note relating to disclosure of personal information to overseas recipients
Personal information in the PLIDA is not disclosed to overseas recipients.
International researchers may apply to become analysts of PLIDA data. If approved under the Five Safes Framework, access would only be given to data without direct identifiers which is not likely to identify a person.
Confidentiality
The ABS will not disclose personal information in a way that is likely to enable a person to be identified.
The information that the ABS collects from individuals and agencies for the PLIDA is covered by the secrecy provisions of the Census and Statistics Act 1905. These provisions legally bind all ABS officers (including temporary employees) to protect personal information, and attract strong penalties for breach.
It is an offence for any past or present ABS officer to divulge, either directly or indirectly, any information collected under the Census and Statistics Act 1905 without the appropriate authority. A person commits an offence if they fail to comply with this obligation and heavy penalties (fines of up to $39,600 or imprisonment for up to 2 years, or both) may apply.
All users accessing PLIDA data (whether ABS officers or otherwise) sign undertakings to use data responsibly, which includes not seeking to identify a person or release identifiable information.
Security, retention, and destruction of information
Privacy and security of personal information in the PLIDA is maintained through strong legislative protections and best practice data management. All personal information in the PLIDA is collected and stored securely by the ABS. Electronic and paper records containing personal information are protected in accordance with the Australian Government Protective Security Policy Framework.
In the unlikely event of unauthorised access to, loss or disclosure of personal information, the PLIDA agencies will abide by the scheme for notifiable data breaches established by the Privacy Act 1988.
In accordance with the Australian Government records management regime, personal information in the PLIDA is destroyed or deleted when no longer required. For more information, see the Administrative Functions Disposal Authority AFDA and ABS records authorities (2001/00000540 and 2007/00105946).
All information in the PLIDA is retained by the ABS while there is a business need to do so. Both the source data that was used to combine datasets and the data that is used for analysis need to be retained in order to maintain and update the integrated data. The need for retention is reviewed annually for the project. This is consistent with the Privacy Act 1988.
Accessing and correcting personal information
Under the Privacy Act 1988, agencies that collect your personal information may permit you to access or correct it, where it is reasonable and practicable for them to do so.
You can apply to access or correct your information held by the agency which originally collected it, however it may not be possible for the ABS to correct or provide you with access to information that has been collected as part of the Census or which has been integrated with other datasets in the PLIDA. This is because data collected under the Census and Statistics Act 1905 is subject to legal exemptions (within that Act, and also under the Freedom of Information Act 1982) to protect the confidentiality of personal information. It is also important to note that personal information such as names and addresses are removed when combined with other datasets as part of the data integration process, which makes it unlikely the ABS would be able to locate your information in the PLIDA to update or correct.
Any enquiries about accessing or correcting personal information in the PLIDA should be directed to the ABS Privacy Officer by emailing privacy@abs.gov.au or by calling (02) 6252 7203. Mail can be directed to:
Privacy Officer
Policy and Legislation Section
Australian Bureau of Statistics
Locked Bag 10
Belconnen ACT 2617
Making a privacy complaint
If you think we may have breached your privacy rights or our privacy responsibilities in relation to the PLIDA, a complaint should first be made to the ABS Privacy Officer using the details provided above.
If you are not satisfied with how the ABS Privacy Officer handles your complaint, or the outcome reached, you may refer your complaint to the Office of the Australian Information Commissioner.
Availability of this statement
If you wish to access this statement in an alternative format (e.g. hard copy), please contact the ABS Privacy Officer using the details provided above.
More information
Visit the ABS website to learn more about data integration and the PLIDA. To find out about the implications for individuals’ privacy, see the PLIDA (formerly known as MADIP) Privacy Impact Assessment.
The following links provide access to privacy policies and statements of the PLIDA agencies:
- Australian Bureau of Statistics Privacy Policy and the Census Privacy Statement
- Australian Taxation Office Privacy Policy
- Department of Education Privacy Policy
- Department of Health and Aged Care Privacy Policy
- Department of Home Affairs Privacy Policy
- Department of Social Services Privacy Policy
- Services Australia Privacy Policy
Contact us
For more information about the PLIDA, email data.integration.privacy@abs.gov.au. For other enquiries, please contact the ABS National Information Referral Service by telephone on 1300 135 070.