The AIHW has a long history of effective compliance with its privacy and confidentiality obligations and is well experienced in managing the risks associated with the use and release of data. The AIHW uses the Five Safes framework to reinforce management of the privacy and confidentiality of data.
The Five Safes is an approach to thinking about, assessing and managing risks associated with data sharing and release. The framework is an internationally recognised approach to considering strategic, privacy, security, ethical and operational risks as part of a holistic assessment of the risks associated with data sharing or release. The Data Availability and Transparency Bill 2020 includes reference to Data Sharing Principles based on the Five Safes framework.
There are four ways in which the AIHW manages the sharing and releasing of data.
Data are made publicly available with few or no restrictions on who may access the data and what they may do with it. For example, publishing data to a publicly accessible website—sometimes referred to as open access or open data.
Data are made available by direct delivery to the user’s custody. For example, the user agrees to specific conditions associated with management and use of the data before we agree to deliver it to them.
Secure remote access
Data are made available to users via remote access that has a high level of security infrastructure control and where the users’ activities can be remotely supervised.
For example, the AIHW Secure Remote Access Environment (SRAE) is a secure cloud-based platform for storing and enabling user access to unit record data.
Secure on-site access
Data are made available to users in a managed physical location that has a higher level of security infrastructure control and where the users’ activities can be personally supervised. For example, the AIHW performs data linkage through the Data Integration Services Centre (DISC), which is available to authorised, specialist staff users.
Data are released through open access and shared through the other three modes.
The framework is used to assess risk across five dimensions associated with a specific data sharing or release proposal. The dimensions and their attendant risks are described below.
Is the use of the data appropriate?
Can the users be trusted to use it in an appropriate manner?
AIHW Interpretation: Researchers have the knowledge, skills and incentives to act in accordance with required standards of behaviour.
Users of the data:
Is there a disclosure risk in the data itself?
Does the access facility prevent unauthorised use?
Are the statistical results non-disclosive?
The five dimensions are assessed separately, then considered jointly to evaluate whether the overall arrangements are such that the risks have been appropriately managed. Any data access proposal considers all five dimensions (even if simply to note that a particular dimension is not relevant to that solution).
Each dimension of the framework can be considered as an adjustable mechanism offering a range of controls at proportionally higher or lower levels depending on the specific case. While each dimension can be set independently, all five dimensions need to be considered jointly to evaluate whether a particular instance of data sharing is a safe arrangement.
The dimensions interact. More stringent controls in one dimension can allow the controls on other dimensions to be relaxed somewhat, and vice versa. In each situation we ask ourselves: ‘Collectively, are these techniques appropriate and adequate to manage the risk?’
The AIHW seeks to provide the most useful data possible to researchers while continuing to meet our privacy, confidentiality and data supplier obligations.
Each request for data access is assessed on a case-by-case basis, using the Five Safes, with a view to maximising the utility of the data provided for the research.
To facilitate this, depending on the detail and sensitivity of the data requested, we may ask requesters to do any or all of the following:
Our requirements of you in these respects will depend on the nature, volume, detail and sensitivity of the data to which you are requesting access. Requests for access to highly aggregated summary data will result in few, if any, of the requirements listed above. Access to highly sensitive or detailed data may call for your response to most or all of the above.