Criterion II – Demonstrate safe data access

Integrating authorities must demonstrate that information that is likely to enable identification of individuals or organisations is not disclosed to external users.

II(a) How will safe data access be provided? Please provide details of the proposed method. For example:
  • on site data laboratories
  • secure remote access facilities
  • review of data by appropriately skilled internal staff to ensure data is appropriately confidentialised before release
  • provision of only confidentialised files to users (e.g. using formal algorithms to apply confidentiality)
  • other – specify.

As an extra protection, in addition to one of the methods above, integrating authorities may also restrict access to endorsed applicants (similar to the restrictions placed on access to a Confidentialised Unit Record Files by the ABS, for example).

Example documentation to consider:

  • Computer access policy and form
  • Remote access policy and form
  • Confidentiality policy and procedures
  • Confidentiality declaration form
  • Information Security Policy and procedures
  • Outline of user access management controls

For more information on managing confidentiality and methods for confidentialising data see the Confidentiality Information Series on the NSS website

Return to Applying for accreditation

Continue to  Criterion III - Availability of appropriate skills