Privacy policy

Share

Who we are

The Australian Institute of Health and Welfare (AIHW) is a corporate Commonwealth entity established in 1987, governed by a management Board, and accountable to the Australian Parliament as part of the Health portfolio.

We collect and report information on many topics and issues, including health and welfare expenditure, hospitals, disease and injury, mental health, ageing, homelessness, disability and child protection.

One of our main roles is to work with the states and territories to improve the quality of data. Where possible, we compile national datasets based on data from each state and territory. We also analyse these datasets and distribute information and statistics.

About this privacy policy

This privacy policy outlines how we handle personal information and how we comply with our privacy obligations. We update this policy if anything changes, and fully review it every three years.

Under this policy, we adhere to the:

Privacy Act 1988 (Cwlth)

Under the Privacy Act, ‘personal information’ is information about a living person who could reasonably be identified. We comply with the Australian Privacy Principles (APPs) in the Privacy Act when we collect, use, disclose and store personal information, and when dealing with how people may access and correct the personal information we hold about them.

The Privacy Act has an important exception to the APPs that applies to the AIHW. Section 95 permits us to take actions that might otherwise breach an APP, if those actions are for medical research and in accordance with the Guidelines under Section 95 of the Privacy Act 1988 issued by the National Health and Medical Research Council.

Australian Institute of Health and Welfare Act 1987 (Cwlth)

We do not disclose information we collect about persons (living or deceased) or organisations to anyone outside the AIHW unless authorised to do so under the AIHW Act.

It is a criminal offence for our staff, or anyone working with or receiving information from us, to disclose information in breach of Section 29 of the Act.

Our Ethics Committee

Our Ethics Committee is established under Section 16 of the AIHW Act and the Australian Institute of Health and Welfare Ethics Committee Regulations 1989. The Committee's functions and membership are prescribed in the regulations.

One function is to determine, on ethical grounds, if identifiable data should be released for a specific purpose. This is data containing personal information (Privacy Act) or information concerning a person (AIHW Act). The Committee can impose conditions or restrictions on the release of such data.

The Committee considers applications:

  • by external researchers to access identifiable data we hold which they want to link with their own data for medical research projects
  • by our units and collaborating centres when they start a new data collection or change the scope of a data collection
  • when we propose to link data sets for analysis
  • for data linkage activities proposed on behalf of other government agencies in our role as an accredited integrating authority.

When deciding on applications the Ethics Committee considers compliance with the:

  1. AIHW Act

  2. Privacy Act, including Guidelines under Section 95

  3. National Statement on Ethical Conduct in Human Research.

Our personal information handling practices

We only collect, hold, use and disclose personal information to carry out our work (Section 5, AIHW Act). We collect health-related and welfare-related information to develop statistics for and information used by governments and researchers to assist with health and welfare policy and decision making.

We also collect some personal information when people use our website to improve our website, products and services.

Why we collect personal information

Statistics and information

We collect personal information for a range of reasons, including to:

  • conduct health and welfare surveys
  • maintain health and welfare data sets
  • maintain national registers such as the National Death Index, National Mortality Database and National Cancer Database
  • undertake data linkage activities for medical and health research.

More information: About our data.

Other purposes

We also collect personal information for other purposes. This includes:

  • contact details of:
    • subscribers to our notification services
    • members of committees we are on or provide secretariat services for
    • people who have signed releases to take part in photographic, video or audio sessions about our work and publications
  • responses to queries and complaints
  • responses to requests under the Freedom of Information Act 1982 (Cwlth)   
  • records of applicants for vacancies and temporary engagement registers, employees, contractors and sales and purchases.

How we collect personal information

We collect personal information:

  • directly from staff, members of the public or organisations
  • indirectly from Australian Government agencies, state or territory government bodies or other organisations.

We collect this information in various ways, including:

  • paper-based and electronic forms (surveys, online forms)
  • electronic data files
  • emails
  • in person
  • telephone
  • audio, photographic and digital recording devices
  • our website
  • our social media sites.

Where appropriate, we collect information through SurveyMonkey, a United States-based service. Through SurveyMonkey, we conduct feedback surveys and polls on our products, services and website. SurveyMonkey adheres to its own privacy policy.

Types of personal information we hold

We may collect the following types of personal information as we perform our work:

  • name, address and contact details (for example, phone and fax numbers, email addresses)
  • demographics (for example, dates of birth, sex, marital status, employment status, employment history, educational qualifications, accommodation, health and welfare services accessed)
  • photographs, video and audio recordings
  • records of staff, former staff, contractors and consultants and applications for temporary or permanent vacancies
  • financial information (for example, for staff, consultants, contractors and those who buy our publications online).

We also collect and hold some sensitive information, including:

  • health information (such as physical and mental health, disability records)
  • race or ethnic origin. 

Securing personal information

We collect and store personal information securely. Electronic and paper records containing your personal information are stored and protected in accordance with the Australian Government’s Protective Security Policy Framework and managed in accordance with Australian Government records management requirements set out in the Archives Act 1983 (Cwlth) and our Data Governance Framework (295KB PDF).

We support these broader requirements with many internal policies and procedures on:

  • information security and privacy (technical, physical and personnel aspects)
  • data custody
  • activities of the AIHW Ethics Committee
  • submissions to the AIHW Ethics Committee for projects involving personal information
  • data linkage (we follow strict protocols when data held in two or more data sets is linked)
  • confidentialising data (which means removing personally identifying information, leaving anonymous data for creating and publishing statistics and information)
  • release of statistical information.

All our staff and contractors must sign confidentiality agreements before they can access any data we hold. We only grant our staff with access to a data collection when they need it to perform their work. 

Use and disclosure of personal information

We only use personal information to perform our work under the AIHW Act, or in our capacity as an employer.

If we disclose personal information, we do so as permitted by the AIHW Act and Privacy Act.

We may disclose your personal information where:

  • you have agreed
  • you would reasonably expect, or have been told, that we usually disclose information in a particular circumstance or to a particular person or organisation
  • it is required or authorised by law.

Our website 

When you browse our website, we collect this information about your visit, which we use for statistical purposes:

  • your server or IP address (the name or number which uniquely identifies the computer you are using to connect to the Internet)
  • date and time of your visit
  • pages you accessed and documents you downloaded
  • search terms you used
  • previous sites you visited
  • top-level domain name (for example, .com, .gov, .au, .uk)
  • type of browser you used.

Cookies

We use cookies, which are small pieces of data stored on your computer, to help us track your visit. This includes:

  • whether you have visited our website before
  • how much time you spent on our website
  • the text size you chose for viewing our website
  • publications you purchased.

Google Analytics

We use Google Analytics, a United States-based service, to analyse browsing information and produce reports on how visitors use our website. Google may transfer this information to third parties when required by law, or when the third parties process the information on Google's behalf. Google stores information across multiple countries.

Google has a privacy policy that states they will not associate your IP address with other data they hold.

How to access, correct or update personal information

You can ask to access the personal information we hold about you. If that information is incorrect or outdated, you can ask us to correct it.  

Contact our Privacy Officer.

How to complain about a possible breach of privacy

We are committed to protecting your privacy. You can make a complaint if you believe we may have breached your privacy or our privacy obligations.

Send your complaint to our Privacy Officer providing your contact details.

We take all complaints seriously and are committed to quickly and fairly resolving them. If the matter is complex and takes longer to investigate that we first expected, we will keep you informed on when you will receive a response.

If you are not happy with our response to your complaint about privacy, you can ask the Office of the Australian Information Commissioner to review your complaint and our response. You do not have to send your complaint to us before you ask the OAIC to consider it. However, if you do so, the OAIC may recommend that you try to resolve it with us first.

How to contact us about privacy

Email  [email protected]

Post

Privacy Officer
Australian Institute of Health and Welfare
GPO Box 570
Canberra ACT 2601

Phone +61 2 6244 1065