This section outlines the key legal and policy obligations that data custodians and integrating authorities should consider before undertaking statistical data integration projects involving Commonwealth data.
Legal obligations arise from requirements under Commonwealth legislation in relation to identifiable data, including the Privacy Act 1988. Commonwealth government agency level legislation and policy also regulate the use of identifiable personal or protected information including its provision to integrating authorities and data users.
Business data is protected by the conventions of commercial in confidence and consideration of relevant legislation and policy governing access and use of business data also applies when undertaking data integration projects. Statistical data integration involving Commonwealth and state/territory data should also involve consideration of the relevant state/territory legislation.
Policy considerations also include ensuring that projects align with the High Level Principles for Data Integration Involving Commonwealth Data for Statistical and Research Purposes and the Governance and Institutional Arrangements that support the principles.
The following links explain in more detail the key legal and policy obligations that should be considered in order to undertake a data integration project:
- Authorisation to release identifiable data
- Protections prohibiting the disclosure of identifiable data
- Privacy Act 1988
Other topics in this section relating to the Commonwealth arrangements for statistical data integration are:
- Scope of the Commonwealth arrangements
- Risk framework
- Legal and policy considerations
- The separation principle
- Data security
- Data management
- Data breaches