How the NHDH is governed

There are several components that contribute to the governance oversight of the NHDH.

The NHDH Advisory Committee 

The NHDH is overseen by the NHDH Advisory Committee, which comprises the AIHW, and representatives of data custodians of data included in the NHDH. Through federated governance members, the NHDH is also overseen by data custodians who do not participate on the NHDH Advisory Committee, however, endorse the inclusion of their data in the NHDH.

The AIHW NHDH Advisory Committee and federated governance members provide strategic planning, governance and communication strategy advice to the AIHW on the delivery of the NHDH.

The NHDH Advisory Committee and federated governance members advise on: 

  • overall strategic planning and monitoring of the NHDH
  • governance arrangements and streamlining processes 
  • communication strategies and promoting the use of the NHDH 
  • relationship between NHDH and other national health and welfare data integration initiatives and national linkage systems 
  • NHDH project proposals.

Overarching ethics approval 

The NHDH has streamlined data governance arrangements and enduring overarching AIHW ethics approval, which specifies the approved purposes for which the NHDH can be used. Under the NHDH governance protocols all project proposals are assessed in accordance with the agreed uses of the NHDH by the AIHW NHDH Data Custodian, the AIHW Ethics Committee Secretary (unless the project requires full AIHW Ethics Committee approval), and the NHDH Advisory Committee and/or federated governance members.

The AIHW Ethics application acts as the Privacy Impact Assessment for the NHDH which includes an assessment made against the AIHW’s compliance to the Australian Privacy Principles and includes information on ensuring the community trusts the AIHW to manage the use of their data, safely and wisely.

NHDH Governance Protocols

The NHDH Governance Protocols establish the authoritative framework for data governance of the NHDH. This document sets out the conditions prescribed by data custodians for the inclusion of their data in the NHDH, and incorporates all legislative, regulatory, and operational requirements governing the management and use of the linked data system. It defines oversight arrangements, host environment standards, permissible data uses, project approval processes, data access and use, confidentiality protocols prior to data release, output clearance procedures, and public release obligations.

Researchers are required to consult the NHDH Governance Protocols when accessing or using NHDH data. The NHDH Governance Protocols, together with all associated attachments, are available for download via the NHDH Resources Webpage.

Compliance with the Privacy Act 

The AIHW must comply with the requirements of the Commonwealth Privacy Act 1988 (Privacy Act) in collecting and using personal information from you for the linkage to the NHDH, unless the collection and use of the information is a Required or Authorised by Law (ABL) exception to the consent requirements of the Australian Privacy Principles.

In assessing compliance with the Privacy Act for these purposes, the AIHW will be relying on the strict requirements of the Australian Privacy Principles contained in the Act, and the guidance provided by the Australian Privacy Principles Guidelines issued by the Office of the Australian Information Commissioner.

The identifiable information we collect about you (i.e. name and date of birth) will be sent to the Australian Institute of Health and Welfare (AIHW) to enable linkage with databases held by AIHW which contains information about your health for the purposes of the study. Any research using data about you held by AIHW will be performed using de-identified information that cannot be re-identified.

Once linkage activities have occurred the Privacy Act does not require us to remove de-identified data.

The National Statement on Ethical Conduct in Human Research

AIHW is also bound by the National Statement on Ethical Conduct in Human Research (National Statement) in its collection and use of personal information, and will be applying the relevant provisions of the National Statement relating to consent, in particular

  • the categories of individuals identified in Chapter 4;
  • opt-out consent arrangements (Chapter 2.3); and,
  • research involving Aboriginal and Torres Strait Islander Peoples (Chapter 4.7).

AIHW will discuss with you how these requirements relate to the consent arrangements you currently have in place or are proposing for your provision of personal information to AIHW for linkage to the NHDH. We will discuss with you whether an ABL exists which would mean that consent is not required or, in circumstances, whether there is neither consent nor an ABL, whether a waiver under section 95 of the Privacy Act is feasible.

Privacy and confidentiality

The AIHW has a long history in managing data linkage safely and securely, with more than 35 years of experience linking data, for example cancer data with national deaths data. 

 As an accredited integrating authority and an Accredited Data Service Provider under the Data Availability and Transparency Act 2022, we are committed to protect personal data and safeguard your privacy. This commitment is underpinned by law.

We do this by:

  • collecting and using personal information in accordance with the Privacy Act 1988.
  • removing identifying data (such as names and addresses) so that a person cannot be identified.
  • storing personal identifiers separately from other data so that no one can see personal identifiers and analytical data at the same time 
  • embedding the Five Safes Framework - an internationally recognised approach to considering strategic, privacy, security, ethical and operational risks associated with data sharing or release.
  • providing a secure environment for authorised researchers to use the linked data asset that includes controls of what data can be accessed, analysed, and released. 
  • managing relationships with data custodians to ensure accountability and appropriate use of linked data assets.

Projects using the NHDH fall under two categories: projects who meet the requirements under the NHDH Governance Protocols and projects that must have ethical approval from the AIHW Ethics Committee. Further information can be found in the NHDH Governance Protocols on our resources webpage.

The AIHW’s data governance framework provides more information about measures we are taking to manage data safely and protect your privacy.

What actions are used to preserve your privacy in the NHDH?

The AIHW uses various techniques to ensure your privacy is preserved within the linked data available in the NHDH. Such techniques include, but are not limited to:

  • removing any identifiable information prior to the data being loaded to the NHDH.
  • requiring additional justification to access certain types of data which are stored as different data sets such as access to full dates. 
  • transforming the data to reduce re-identification or spontaneous recognition of an individual or organisation, such as:
    • removing post code data
    • recoding Country of Birth and Language background data, for example, four-digit Country of Birth has changed to one-digit Country of Birth 
    • removing low level geographic information from data pertaining to a private hospital
    • removing some information about organisations, for example details about public and private hospitals
    • recoding data that is considered sensitive, for example, recoding data relating to a correctional facility and law enforcement facility 
  • applying confidentiality rules to all aggregate outputs released from the NHDH. 

NHDH and The Five Safes framework

AIHW’s application of the five safes framework for the National Health Data Hub

The AIHW has a long history of leadership, excellence and effective compliance with its privacy and confidentiality obligations and is well experienced in managing the risks associated with the collection, use and release of data. The AIHW uses the Five Safes framework to reinforce management of the privacy and confidentiality of data. 

The Five Safes is an approach to thinking about, assessing and managing risks associated with data sharing and release. The framework is an internationally recognised approach to considering strategic, privacy, security, ethical and operational risks as part of a holistic assessment of the risks associated with data sharing or release. The Data Availability and Transparency Bill 2020 includes reference to Data Sharing Principles based on the Five Safes framework. 

The framework is used to assess risk across five dimensions associated with a specific data sharing or release proposal. Table 1 below outlines the five dimensions, and the assessments made for the National Health Data Hub.

Table 1: Framework dimensions and NHDH assessments
DimensionMeaningAIHW practice for the NHDH
Safe People

Can the users be trusted to use the NHDH it in an appropriate manner?

Researchers are assessed to have the knowledge, skills and incentives to act in accordance with required standards of behaviour for access to the NHDH.
Researchers must attend mandatory NHDH onboarding training session that outlines the behaviours and practices the researchers must adhere to when accessing the NHDH.

Researchers must sign:

  • AIHW Ethics Committee Confidentiality Undertaking form (S.29): A legally binding agreement between the researchers and the AIHW
  • Secure Access Environment (SAE) User Agreement.

Safe Projects 

Is the use of the NHDH data appropriate?

Use of the NHDH data is assessed to be legal, ethical, and in line with the approved uses of the NHDH.

A NHDH project is expected to deliver public benefit and project proposals are assessed against this.
The AIHW Ethics Committee and respective Commonwealth and state/territory jurisdictional Ethics Committees and Data Custodians assess the NHDH project proposal in context of privacy and legal obligations, the data requested and the other Four Safes. Non-government projects need to seek HREC approvals to obtain the full approval to access NHDH. 

Conditions set out by these parties govern the use of the data. 

Safe Settings 

Does the NHDH access facility prevent unauthorised use?

There are practical and secure controls on the way the NHDH data is accessed – both from a technology perspective and considering the physical environment. 

NHDH access is via the two secure access environments (SAEs) managed by the AIHW. The SAEs are controlled by two-pass authentication login.

All data remains in the SAEs until aggregate outputs are cleared for release.

Safe Data 

Is there a disclosure risk in the NHDH data itself?

NDHD data has been treated appropriately to minimise the potential for re-identification and spontaneous recognition of individuals or organisations. 

Safe data is achieved by reducing detail and masking or encrypting the different types of IDs within the context of the other Four Safes. 

Safe Output 

Are the statistical results from the NHDH non-disclosive?

All output from the NHDH are checked for compliance to the NHDH output vetting checks and data custodian use conditions and approved by the AIHW NHDH data custodian.

Users of the NHDH are trained in allowable outputs and they must not identify individuals or organisations.

Reference

Desai T; Ritchie F Welpton R 2016. ‘Five Safes: designing data access for research’.  Economics Working Paper Series 1601. Bristol: University of the West of England.