On this page:

Who we are

The Australian Institute of Health and Welfare

The Australian Institute of Health and Welfare (AIHW) is a corporate Commonwealth entity established in 1987, governed by a management board, and accountable to the Australian Parliament as part of the Health portfolio.

We collect and report information on many topics and issues, including health and welfare expenditure, hospitals, disease and injury, mental health, ageing, homelessness, disability and child protection.

We create authoritative evidence and accessible information and statistics that inform policy and decision makers to improve the health and welfare of all Australians.

Our Ethics Committee

The Australian Institute of Health and Welfare Ethics Committee is established under section 16 of the Australian Health and Welfare Act 1987 (AIHW Act) and the Australian Institute of Health and Welfare (Ethics Committee) Regulations 2018. The Committee's functions and membership are prescribed in the regulations.

Further information about the Ethics Committee can be accessed on our website at AIHW Ethics Committee.

About this privacy policy

Our Privacy Policy sets out how the AIHW complies with:

Under APP 1, we are required to have a clearly expressed and up-to-date privacy policy describing how we manage personal information.

We will update this policy if anything changes, and fully review it every 2 years.

Privacy Act 1988

Under the Privacy Act, ‘personal information’ is information about a living person who could reasonably be identified. We comply with the APPs in the Privacy Act when we collect, store, use and disclose personal information, and when dealing with how people may access and correct the personal information we hold about them.

The Privacy Act has an important exception to the APPs. Section 95 permits us to take actions that might otherwise breach an APP, if those actions are for medical research approved by a Human Research Ethics Committee and in accordance with the Guidelines under Section 95 of the Privacy Act issued by the National Health and Medical Research Council.

The Privacy (Australian Government Agencies – Governance) APP Code 2017 (the Code) requires that an agency:

  • have a privacy management plan that measures and documents its performance against privacy at least annually
  • have a designated Privacy Champion, who promotes a culture of privacy and provides leadership on strategic privacy issues
  • have a designated Privacy Officer, who is the primary point of contact for advice on privacy matters
  • provide privacy education or training in staff induction programs and annually to all staff who have access to personal information in the course of performing their duties
  • conduct a Privacy Impact Assessment (PIA) for all high privacy risk projects
  • publish a register of PIAs on its website.

The AIHW complies with requirements of the Code through the following actions.

  • Each year we prepare and implement a privacy management plan that includes specific, measurable privacy goals and targets to ensure compliance with the Code and actions to continually improve our privacy maturity.
  • We have appointed a Privacy Champion, who is currently the Head of the Data Governance and Integration Group.
  • We have appointed a Privacy Officer, who is currently the Head of the Ethics and Privacy Unit.
  • Our staff are provided privacy training on induction and are required to complete mandatory annual privacy training. Annual presentations and privacy awareness updates are provided to staff during Privacy Awareness Week.
  • The systematic reviews undertaken by our Ethics Committee of privacy aspects associated with the establishment of AIHW data collections and applications for research projects meet the requirements of a PIA, as they address APP compliance and community expectations. We do not limit our PIAs to high-risk projects. Listings of Ethics Committee Approved projects and status and data collections are provided on our website. Further information on our PIAs can be found on the Privacy impact assessments page.
  • The AIHW also conducts PIAs for non-research high privacy risk activities that involve new or changed ways of handing personal information.

Australian Institute of Health and Welfare Act 1987

It is a criminal offence for our staff, or anyone working with or receiving information from us, to disclose information in breach of the confidentiality provisions of section 29 of the Australian Institute of Health and Welfare Act 1987 (AIHW Act).

We do not disclose information we collect about persons (living or deceased) or organisations to anyone outside the AIHW unless authorised to do so under the Act.

Our personal information handling practices

Anonymity

When dealing with the AIHW you have the option to not identify yourself, or to use a pseudonym, where it is lawful and practical to do so.

Collecting, holding and using personal information

We collect, hold and use personal information for two key purposes:

  1. to carry out the health-related and welfare-related functions of the AIHW
  2. for our management and operational activities.

These are further detailed below.

1. For health-related and welfare-related functions

We collect, hold and use personal information to carry out the health-related and welfare-related functions of the AIHW set out in section 5 of the AIHW Act.

We collect, hold and use health-related and welfare-related data and information to develop statistics for and information used by governments and researchers to assist with health and welfare policy and decision making. This work includes:

  • conducting health and welfare surveys
  • maintaining health and welfare data sets
  • maintaining national data collections such as the National Death Index, National Mortality Database, Australian Cancer Database and Australian Mesothelioma Registry
  • facilitating health and welfare research projects
  • undertaking data linkage activities for health and welfare research.

We collect this personal information directly from members of the public or indirectly from Australian Government agencies, state or territory government bodies and other organisations.

We collect, hold and use some sensitive information (as defined in the Privacy Act), including:

  • health information (such as physical and mental health, disability records)
  • racial or ethnic origin.

Details of personal information found in individual AIHW collections may be found here: Our data collections.

2. For management and operational activities

We collect, hold and use personal information for a variety of purposes relating to our management and operational activities. This includes:

  • contact details of:
    • subscribers to our notification services
    • members of committees we are on or provide secretariat services for
    • individuals associated with research projects considered by the AIHW Ethics Committee
    • people who have signed releases to take part in photographic, video or audio sessions about our work and publications
  • responses to queries and complaints
  • records of employees, former employees, contractors, consultants and applicants for vacancies and temporary engagement registers
  • records of sales and purchases.

We may collect, hold and use other types of personal information to help us carry out our management and operational functions including:

  • name, address and contact details (for example, phone and fax numbers)
  • demographics (for example, dates of birth, sex, marital status), employment status, employment history, educational qualifications, accommodation, health and welfare services accessed
  • photographs, video and audio recordings
  • financial information (for example, for staff, consultants, contractors and those who buy our publications online).

We collect this information in various ways, including:

  • paper-based and electronic forms (surveys, online forms)
  • electronic data files
  • emails
  • in person
  • telephone
  • audio, photographic and digital recording devices
  • our website
  • our social media sites.

We also collect, hold and use personal information for a variety of other purposes relating to our management and operational activities, including:

  • to make communicating with you easier, including providing you with a response to any request you may make
  • performing our employment and personnel functions in relation to our staff and contractors, including payroll, recruitment and other matters (such as those relating to work health and safety)
  • performing our legislative and administrative functions
  • contract and committee management.

Other general purpose practices

For either of the above purposes we may also collect and use your personal information in the following ways.

Our website

When you browse our website, we collect this information about your visit, which we use for statistical purposes:

  • your server or IP address (the name or number which uniquely identifies the computer you are using to connect to the Internet)
  • date and time of your visit
  • pages you accessed and documents you downloaded
  • search terms you used
  • previous sites you visited
  • top-level domain name (for example, .com, .gov, .au, .uk)
  • type of browser you used.

We might include links to other sites including social media sites to make it easy to share information. These other sites might use web measurement tools, customisation technologies and persistent cookies to inform the service they provide to their users. We are not responsible for the privacy practices or the content of other websites, and we do not use, maintain or share personal information that is collected by other websites.

Cookies

We use cookies, which are small pieces of data stored on your computer, to help us track your visit. This includes:

  • whether you have visited our website before
  • how much time you spent on our website
  • the text size you chose for viewing our website
  • publications you purchased.
Google Analytics

Our website uses Google Analytics, a United States based service, to analyse browsing information and produce reports on how visitors use our website.

Google may transfer this information to third parties when required by law, or when third parties process the information on Google's behalf. Google stores information across multiple countries.

Google has their own privacy policy. You can opt out of Google Analytics if you disable or refuse the cookie, disable JavaScript, or use the opt-out service provided by Google.

Social media platforms

We use LinkedIn, Instagram, X, YouTube and Facebook to communicate our work to the public. We may collect your personal information when you interact with us on these channels and will only use it to help us share information with you and the public. Each social media platform has its own privacy policy, which we encourage you to refer to.

Electronic mail addresses

We will record your email address only if you send us a message or otherwise provide it to us. It will only be used for the purpose for which you provide it and will not be added to a mailing list unless you request that this be done.

Subscriptions/logins

We use Swift Digital, an online marketing platform service provider, to send and manage subscription emails. In using this service, Swift Digital may collect personal information, which may contain email address and other information, to be used for the distribution of email campaigns and other important information.

To subscribe or login to some parts of our website, you must provide either a valid email address or a specific username and password. These details will only be used for the purpose for which you have provided them and will not be added to any other mailing lists unless you specifically ask us to. Email mailing list addresses are stored on Swift Digital's server and can be accessed by authorised AIHW staff only. Your email address will not be disclosed without your consent, unless required by law.

All information collected using the Swift Digital service is our property and is never shared or used by third parties.

Swift Digital maintains your data in compliance with Australia's SPAM ACT 2003 and Australian Privacy Principles. All data is maintained within Australia and remains subject to Australian jurisdiction.

Where stipulated data is encrypted in transit using SSL connections. All data stored via Swift Digital is encrypted at rest.

Should you wish to contact Swift Digital, you can find contact details on Swift Digital’s website.

Use of Artificial intelligence (AI)

In accordance with the Policy for the responsible use of AI in government, the AIHW has appointed an AI accountable official who monitors the application of AI systems and tools within the organisation, including in relation to the use of data.

We use machine learning and Artificial Intelligence to enhance the quality, efficiency, accessibility, and reliability of our work. More detail about how AI is used in ways that ensures privacy and ethical issues are appropriately managed is provided in the AIHW’s AI transparency statement.

Securing personal information

We collect and store personal information securely. Some personal information is held in cloud storage on servers located in Australia. Electronic and paper records containing your personal information are stored and protected in accordance with the Australian Government’s Protective Security Policy Framework and managed in accordance with Australian Government records management requirements set out in the Archives Act 1983 and our Data Governance Framework.

We support these broader requirements with many internal policies and procedures on:

  • information security and privacy (technical, physical and personnel aspects)
  • data custody
  • data linkage (we follow strict protocols when data held in two or more data sets is linked)
  • confidentialising data (which means removing personally identifying information, leaving anonymous data for creating and publishing statistics and information)
  • release of statistical information
  • responding to suspected data breaches (in line with the requirements of the Notifiable Data Breach (NDB) scheme under the Privacy Act).

All our staff and contractors must sign confidentiality agreements before they can access any data we hold. We only grant our staff access to a data collection when they need it to perform their work.

Disclosing personal information

If we disclose personal information, we do so as permitted by the AIHW Act, the Privacy Act, and any other relevant legal requirements. We are not likely to disclose personal information to any overseas recipients.

We may disclose your personal information where:

  • you have agreed
  • you would reasonably expect, or have been told, that we usually disclose information in a particular circumstance or to a particular person or organisation
  • it is required or authorised by law.

How to access, correct or update personal information

You have the right to access the personal information we hold about you. If that information is incorrect or outdated, you have the right to ask us to correct it.

Contact our Privacy Officer.

How to complain about a possible breach of privacy

We are committed to protecting your privacy. You can make a complaint if you believe we may have breached your privacy or our privacy obligations.

Send your complaint to our Privacy Officer providing your contact details.

We take all complaints seriously and are committed to quickly and fairly resolving them. If the matter is complex and takes longer to investigate that we first expected, we will keep you informed on when you will receive a response.

If you are not happy with our response to your complaint about privacy, you can ask the Office of the Australian Information Commissioner to review your complaint and our response. You do not have to send your complaint to us before you ask the OAIC to consider it. However, if you do so, the OAIC may recommend that you try to resolve it with us first.

How to contact us about privacy

Email
[email protected]
Post
Privacy Officer
Australian Institute of Health and Welfare
GPO Box 570
Canberra ACT 2601
Phone
Overseas: +61 2 6244 1000
Within Australia: 02 6244 1000