The AIHW is committed to maintaining the privacy and security of all information that it holds. Our statutory obligations in acquiring, handling and releasing data are taken very seriously. Data governance arrangements at the AIHW are mature, robust and continually evolving to ensure compliance with relevant legislative and regulatory obligations. The Australian Institute of Health and Welfare Act 1987 (AIHW Act) enables the sharing and release of information while protecting the identity of individuals and organisations. Our processes for doing so also ensure that AIHW adheres to data supply terms and conditions. For information about AIHW Data governance framework see Data governance.
Protecting information through strong privacy and data security arrangements
The AIHW is subject to the Privacy Act 1988 (the Privacy Act), including the Australian Privacy Principles (APPs) contained in the Act. The Privacy Act regulates how Commonwealth agencies and private sector organisations can collect, hold, use and disclose personal information about living individuals. In addition, the confidentiality requirements in section 29 of the AIHW Act protect a broader range of information than the Privacy Act, such as information about deceased persons.
The AIHW also complies with the Australian Government Agencies Privacy Code (2018). This code sets out specific requirements and key practical steps that agencies must take as part of complying with Australian Privacy Principles and moving towards a best practice approach to privacy governance. This includes development of a Privacy Management Plan which assesses privacy maturity and compliance, and documents improvement actions on an annual basis.