SlideShare ist ein Scribd-Unternehmen logo

Privacy - Useful resources for department staff

Als PPTX, PDF herunterladen
N
NSWCESE

This document provides an overview of privacy obligations for staff at the Department of Education. It discusses laws and guidelines around privacy including the Privacy and Personal Information Protection Act 1998, Government Information (Public Access) Act 2009, and Health Records and Information Privacy Act 2002. It defines personal and sensitive information and outlines rules for collecting, using, storing and disclosing personal data. Specific roles that commonly deal with personal information like data analysts, HR staff and administrators are discussed. Aggregate versus unit-level data and releasing information is also covered.

Business
1 von 21
About Privacy A resource for Departmental Staff
CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU Understanding privacy obligations is important for all staff The Department of Education collects and manages a vast amount of information, much of it personal information about its staff, students and parents. As an employee, it is vital that you understand how to work with this information. 2
CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU Which laws, regulations and guidelines set out Information Access and Privacy protocols? 3 Privacy and Personal Information Protection Act 1998 (PPIP) Government Information (Public Access) Act 2009 (GIPA) Health Records and Information Privacy Act 2002 (HRIP) GIPA Act Regulations Agency Privacy Management Plans (PMP) Privacy codes of practice Commissioner’s guidelines
CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU What is personal information? 4 Personal information is information or an opinion about an individual. The individual’s identity needs to be apparent or reasonably ascertainable.
CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU Sensitive and Health Information are types of personal information that require extra protection 5 Sensitive Information “Ethnic or racial origin, political opinions, religious or philosophical beliefs, ATSI status, country of birth, LBOTE and chosen/preferred SRE class” (s.19(1) PPIP Act) PPIPA Privacy and Personal Information Protection Act 1998 Health Information Information about an individual’s health, disability or health services (s.6 HRIP Act) HRIPA Health Records and Information Protection Act 2002 Note: The extra protection categories do not mean that these types of personal information can never be collected, used or disclosed. They just have tougher rules, so extra care is needed with these categories.
CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU Collecting personal information is regulated by rules known as Privacy Principles 6 The information must: 1) Fulfil a lawful purpose 2) Be relevant 3) Be accurate It must not: 1) Be excessive 2) Be intrusive to an unreasonable extent on the personal affairs of the subject EXAMPLE Enrolment data, such as names, addresses, medical information, etc. is clearly authorised by the Department’s governing and other legislation for the purpose of operating schools effectively and safely.
CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU Personal information should only be used for the primary purpose for which it was collected, unless: 7 The person has consented Where authorised or required by another law It is for a directly related secondary purpose within their reasonable expectations To deal with a serious and imminent threat to any person
CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU Questions we must ask when collecting and using personal information include: 8 Is it reasonably necessary to include this particular data? If the Department received a complaint about breaching privacy, could we reasonably argue that the use or disclosure was necessary for us to do our core business? Is this data ‘directly related’ to my work?
CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU Any information collected by the Department can only be used for limited purposes 9 Operational (School-level) • Allocation of classes • Determining demand for special religious education classes • Arranging for interpreters when needed for parent teacher interviews • Managing students with safety risks e.g. allergies Strategic (Departmental-level) • The calculation of the family occupation and education index (FOEI) for each school. • The allocation of resources for each school. For example: Enrolment data is collected for a primary purpose, which is to enrol a student. However, there are a range of directly related secondary purposes for which that data can be used, such as:
CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU When collecting data, it is important that we tell people how we will use their information 10 • General student administration relating to the education and welfare of the student. • Communication with students and parents or carers. • To ensure health, safety and welfare of students, staff and visitors to the school. • State and National Reporting purposes.
CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU 11 It allows staff to be aware of what data we have. The Business Unit knows who to go to for help or access to certain information. The privacy status for the dataset is made explicit. It identifies whether general release to the public is allowed (at an aggregated level, for instance). The Department’s Information Asset Register tells us what data we have and how we are protecting it
CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU Some roles are more likely to deal with personal information on a daily basis 12 Data Analysts People and Services Staff Hiring Managers
CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU Another role who may come across personal information is an Administration Support Officer 13 When dealing with data I must follow the appropriate steps: • Only use data relevant to my task (e.g. email addresses rather than survey responses). • Ensure I only use data for the purpose for which it was collected. • Make sure the data isn’t saved somewhere where it can be accessed by anyone outside the team responsible for it.
CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU Recruitment also requires us to work carefully with personal information 14 A reminder: Do not put confidential or personal documents in the recycle box. It must be shredded first. . After receiving applicants’ resumes and identification documents we: • Must secure personal information – lock these away. • Should dispose of them by shredding them once the recruitment process is finished. • Must not disclose any personal information about the candidates to other people who are not part of the recruitment process.
CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU The GIPA Act establishes a proactive, more open approach to gaining access to government information in NSW. This is to ensure Government is open, accountable, fair and effective. As part of The Government Information (Public Access) Act 2009 there is a presumption that data can be made readily available if needed 15 http://www.ipc.nsw.gov.au/gipa-act Data released under GIPA is still subject to a privacy test. The GIPA Act • Authorises and encourages the proactive release of information by NSW public sectors. • Gives members of the public a legally enforceable right to access government information. • Ensures that access to government information is restricted only when there is an overriding public interest against release.
CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU Bradley Cooper’s taxi ride: a lesson in privacy risk. 16 http://www.salingerprivacy.com.au/2015/04/19/bradley-coopers-taxi-ride-a-lesson-in-privacy-risk/ • Salinger Privacy produced an article on privacy risks and ‘open data’. • Bradley Cooper’s taxi ride is a useful reminder of the risks of re-identification of data.
CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU 17 We can disclose personal information outside the Department if: It is authorised or required by another law. It is under another exemption, such as law enforcement, research, etc. The information is not “sensitive information” (ethnicity, religion, etc), and disclosure is for the primary purpose for which it was collected. We have the consent of the individual.
CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU We can disclose personal information outside the Department 18 When it is: Sensitive info Health info Other personal info with their consent for the purpose for which it was collected for a directly related secondary purpose (within expectations) for the purpose you notified them about authorised or required by another law, or another exemption
CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU AGGREGATE DATA • Aggregate data: summary information, for example, data on schools in remote areas, broken down by school year, gender and Indigenous status. • Even with aggregate data, there is a risk that individual students or teachers could be identified from the data. Safeguards must be applied in such cases, with strategies to ‘anonymise’ the data. 19 UNIT RECORD DATA • Unit Record data: about a unique individual contains details that allows an individual to be identified, such as names, or a Student Registration Number. Types of data we deal with:
CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU How the data we deal with can be released: 20 AGGREGATE DATA • Aggregate data is released on the basis that: 1. No information that permits the identification of individuals is released 2. Data released is valid and reliable 3. It is of high quality UNIT RECORD DATA • Unit record data may only be released on the basis that it: 1. Complies with privacy principles that says we can disclose personal information.
CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU More information or assistance Personal Information and Privacy Protection Act 1998 (PIPPA) http://www.legislation.nsw.gov.au/inforcepdf/1998-133.pdf?id=1db809e7-46ab-44c1-bce5-d12f0058a002 Health Records and Information Privacy Act 2002 (HRIPA) http://www.austlii.edu.au/au/legis/nsw/consol_act/hraipa2002370/ Department of Education Privacy Management Plan https://www.det.nsw.edu.au/media/downloads/reports_stats/privacy/privacy-management-plan-march-2014.pdf Department of Education Privacy Code of Practice http://www.dec.nsw.gov.au/documents/15060385/15385042/Privacy_code.pdf Department of Education Privacy & Information Access Resources Information Access - https://detwww.det.nsw.edu.au/lists/directoratesaz/legalservices/foi/index.htm (see also link to website) Privacy - https://detwww.det.nsw.edu.au/lists/directoratesaz/legalservices/ls/privacy/index.htm http://www.dec.nsw.gov.au/about-us/plans-reports-and-statistics/privacy Privacy Bulletin - https://detwww.det.nsw.edu.au/media/downloads/directoratesaz/legalservices/ls/privacy/bulletins/bulletin3.pdf Government Information (Public Access) Act 2009 (GIPAA) http://www.legislation.nsw.gov.au/maintop/view/inforce/act+52+2009+cd+0+N 21

Empfohlen

Intro to information governance booklet
Intro to information governance bookletIntro to information governance booklet
Intro to information governance booklet
Gerardo Medina
 
Information governance
Information governanceInformation governance
Information governance
Gerardo Medina
 
DEC Business Intelligence for NSW Public Schools
DEC Business Intelligence for NSW Public SchoolsDEC Business Intelligence for NSW Public Schools
DEC Business Intelligence for NSW Public Schools
NSWCESE
 
Stephen Lamb Presentation at CESE
Stephen Lamb Presentation at CESEStephen Lamb Presentation at CESE
Stephen Lamb Presentation at CESE
NSWCESE
 
How'd you sell that book? A NSW Writers' Centre case study
How'd you sell that book? A NSW Writers' Centre case studyHow'd you sell that book? A NSW Writers' Centre case study
How'd you sell that book? A NSW Writers' Centre case study
Sarah Allen Consulting
 
What works best: Evidence-based practices to help improve NSW student perform...
What works best: Evidence-based practices to help improve NSW student perform...What works best: Evidence-based practices to help improve NSW student perform...
What works best: Evidence-based practices to help improve NSW student perform...
NSWCESE
 
4514611.ppt
4514611.ppt4514611.ppt
4514611.ppt
ssusera4419c
 
GDPRpresentationFeb-Apr2018.pptx
GDPRpresentationFeb-Apr2018.pptxGDPRpresentationFeb-Apr2018.pptx
GDPRpresentationFeb-Apr2018.pptx
pixvilx
 

Empfohlen

Intro to information governance booklet
Intro to information governance bookletIntro to information governance booklet
Intro to information governance booklet
Gerardo Medina
 
Information governance
Information governanceInformation governance
Information governance
Gerardo Medina
 
DEC Business Intelligence for NSW Public Schools
DEC Business Intelligence for NSW Public SchoolsDEC Business Intelligence for NSW Public Schools
DEC Business Intelligence for NSW Public Schools
NSWCESE
 
Stephen Lamb Presentation at CESE
Stephen Lamb Presentation at CESEStephen Lamb Presentation at CESE
Stephen Lamb Presentation at CESE
NSWCESE
 
How'd you sell that book? A NSW Writers' Centre case study
How'd you sell that book? A NSW Writers' Centre case studyHow'd you sell that book? A NSW Writers' Centre case study
How'd you sell that book? A NSW Writers' Centre case study
Sarah Allen Consulting
 
What works best: Evidence-based practices to help improve NSW student perform...
What works best: Evidence-based practices to help improve NSW student perform...What works best: Evidence-based practices to help improve NSW student perform...
What works best: Evidence-based practices to help improve NSW student perform...
NSWCESE
 
4514611.ppt
4514611.ppt4514611.ppt
4514611.ppt
ssusera4419c
 
GDPRpresentationFeb-Apr2018.pptx
GDPRpresentationFeb-Apr2018.pptxGDPRpresentationFeb-Apr2018.pptx
GDPRpresentationFeb-Apr2018.pptx
pixvilx
 
Personal Data Protection Singapore - Pdpc corporate-brochure
Personal Data Protection Singapore - Pdpc corporate-brochurePersonal Data Protection Singapore - Pdpc corporate-brochure
Personal Data Protection Singapore - Pdpc corporate-brochure
Jean Luc Creppy
 
Principles and guidelines and approach for the documents
Principles and guidelines and approach for the documentsPrinciples and guidelines and approach for the documents
Principles and guidelines and approach for the documents
vaanila2023
 
Implementation of Data Privacy and Security in an Online Student Health Recor...
Implementation of Data Privacy and Security in an Online Student Health Recor...Implementation of Data Privacy and Security in an Online Student Health Recor...
Implementation of Data Privacy and Security in an Online Student Health Recor...
Kato Mivule
 
Confidentiality and Data Protection in Health Care
Confidentiality and Data Protection in Health CareConfidentiality and Data Protection in Health Care
Confidentiality and Data Protection in Health Care
Vaileth Mdete
 
Clasify information in education field
Clasify information in education fieldClasify information in education field
Clasify information in education field
Nebojsa Stefanovic
 
Training innovations information governance slideshare 2015
Training innovations information governance slideshare 2015Training innovations information governance slideshare 2015
Training innovations information governance slideshare 2015
Patrick Doyle
 
Data Breach Response Checklist
Data Breach Response ChecklistData Breach Response Checklist
Data Breach Response Checklist
- Mark - Fullbright
 
Uchi data local presentation 2020
Uchi data local presentation 2020Uchi data local presentation 2020
Uchi data local presentation 2020
Christo W. Meyer
 
Data Breach Response Checklist
Data Breach Response ChecklistData Breach Response Checklist
Data Breach Response Checklist
- Mark - Fullbright
 
The 22nd Legal Forum Seminar (Nov 2021)
The 22nd Legal Forum Seminar (Nov 2021)The 22nd Legal Forum Seminar (Nov 2021)
The 22nd Legal Forum Seminar (Nov 2021)
LawPlus Ltd.
 
Student data privacy manifesto
Student data privacy manifestoStudent data privacy manifesto
Student data privacy manifesto
Caitlin Sharp
 
Hivos and Responsible Data
Hivos and Responsible DataHivos and Responsible Data
Hivos and Responsible Data
Tom Walker
 
2021FSAConfSession22.pptx
2021FSAConfSession22.pptx2021FSAConfSession22.pptx
2021FSAConfSession22.pptx
ssuser4102fa
 
Interim ferpa-ppt-for-registrar-site-6-24-14-1
Interim ferpa-ppt-for-registrar-site-6-24-14-1Interim ferpa-ppt-for-registrar-site-6-24-14-1
Interim ferpa-ppt-for-registrar-site-6-24-14-1
UConnPub
 
Discussion2
Discussion2 Discussion2
Discussion2
amberlinn
 
Introduction to US Privacy and Data Security: Regulations and Requirements
Introduction to US Privacy and Data Security: Regulations and RequirementsIntroduction to US Privacy and Data Security: Regulations and Requirements
Introduction to US Privacy and Data Security: Regulations and Requirements
Financial Poise
 
Cscu module 12 information security and legal compliance
Cscu module 12 information security and legal complianceCscu module 12 information security and legal compliance
Cscu module 12 information security and legal compliance
Alireza Ghahrood
 
Data protection
Data protectionData protection
Data protection
jayne45
 
What’s Up eDoc?: A Health IT Privacy Primer
What’s Up eDoc?: A Health IT Privacy PrimerWhat’s Up eDoc?: A Health IT Privacy Primer
What’s Up eDoc?: A Health IT Privacy Primer
MaRS Discovery District
 
Vanessa Baic
Vanessa BaicVanessa Baic
Vanessa Baic
Informa Australia
 
John Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdfJohn Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdf
AmzadHosen3
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League City
Eric T. Tung
 

Weitere ähnliche Inhalte

Ähnlich wie Privacy - Useful resources for department staff

Clasify information in education field
Clasify information in education fieldClasify information in education field
Clasify information in education field
Nebojsa Stefanovic
 
Interim ferpa-ppt-for-registrar-site-6-24-14-1
Interim ferpa-ppt-for-registrar-site-6-24-14-1Interim ferpa-ppt-for-registrar-site-6-24-14-1
Interim ferpa-ppt-for-registrar-site-6-24-14-1
UConnPub
 
Introduction to US Privacy and Data Security: Regulations and Requirements
Introduction to US Privacy and Data Security: Regulations and RequirementsIntroduction to US Privacy and Data Security: Regulations and Requirements
Introduction to US Privacy and Data Security: Regulations and Requirements
Financial Poise
 

Ähnlich wie Privacy - Useful resources for department staff (20)

Personal Data Protection Singapore - Pdpc corporate-brochure
Personal Data Protection Singapore - Pdpc corporate-brochurePersonal Data Protection Singapore - Pdpc corporate-brochure
Personal Data Protection Singapore - Pdpc corporate-brochure
 
Principles and guidelines and approach for the documents
Principles and guidelines and approach for the documentsPrinciples and guidelines and approach for the documents
Principles and guidelines and approach for the documents
 
Implementation of Data Privacy and Security in an Online Student Health Recor...
Implementation of Data Privacy and Security in an Online Student Health Recor...Implementation of Data Privacy and Security in an Online Student Health Recor...
Implementation of Data Privacy and Security in an Online Student Health Recor...
 
Confidentiality and Data Protection in Health Care
Confidentiality and Data Protection in Health CareConfidentiality and Data Protection in Health Care
Confidentiality and Data Protection in Health Care
 
Clasify information in education field
Clasify information in education fieldClasify information in education field
Clasify information in education field
 
Training innovations information governance slideshare 2015
Training innovations information governance slideshare 2015Training innovations information governance slideshare 2015
Training innovations information governance slideshare 2015
 
Data Breach Response Checklist
Data Breach Response ChecklistData Breach Response Checklist
Data Breach Response Checklist
 
Uchi data local presentation 2020
Uchi data local presentation 2020Uchi data local presentation 2020
Uchi data local presentation 2020
 
Data Breach Response Checklist
Data Breach Response ChecklistData Breach Response Checklist
Data Breach Response Checklist
 
The 22nd Legal Forum Seminar (Nov 2021)
The 22nd Legal Forum Seminar (Nov 2021)The 22nd Legal Forum Seminar (Nov 2021)
The 22nd Legal Forum Seminar (Nov 2021)
 
Student data privacy manifesto
Student data privacy manifestoStudent data privacy manifesto
Student data privacy manifesto
 
Hivos and Responsible Data
Hivos and Responsible DataHivos and Responsible Data
Hivos and Responsible Data
 
2021FSAConfSession22.pptx
2021FSAConfSession22.pptx2021FSAConfSession22.pptx
2021FSAConfSession22.pptx
 
Interim ferpa-ppt-for-registrar-site-6-24-14-1
Interim ferpa-ppt-for-registrar-site-6-24-14-1Interim ferpa-ppt-for-registrar-site-6-24-14-1
Interim ferpa-ppt-for-registrar-site-6-24-14-1
 
Discussion2
Discussion2 Discussion2
Discussion2
 
Introduction to US Privacy and Data Security: Regulations and Requirements
Introduction to US Privacy and Data Security: Regulations and RequirementsIntroduction to US Privacy and Data Security: Regulations and Requirements
Introduction to US Privacy and Data Security: Regulations and Requirements
 
Cscu module 12 information security and legal compliance
Cscu module 12 information security and legal complianceCscu module 12 information security and legal compliance
Cscu module 12 information security and legal compliance
 
Data protection
Data protectionData protection
Data protection
 
What’s Up eDoc?: A Health IT Privacy Primer
What’s Up eDoc?: A Health IT Privacy PrimerWhat’s Up eDoc?: A Health IT Privacy Primer
What’s Up eDoc?: A Health IT Privacy Primer
 
Vanessa Baic
Vanessa BaicVanessa Baic
Vanessa Baic
 

Kürzlich hochgeladen

Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
amitlee9823
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
amitlee9823
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptx
Workforce Group
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
dlhescort
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
Aggregage
 
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Sheetaleventcompany
 
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Anamikakaur10
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
lizamodels9
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
amitlee9823
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentation
uneakwhite
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
ritikaroy0888
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
rajveerescorts2022
 

Kürzlich hochgeladen (20)

John Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdfJohn Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdf
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League City
 
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptx
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
 
Falcon Invoice Discounting platform in india
Falcon Invoice Discounting platform in indiaFalcon Invoice Discounting platform in india
Falcon Invoice Discounting platform in india
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
 
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
 
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
 
Monthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxMonthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptx
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and pains
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentation
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
 
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptxB.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
 
Falcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investorsFalcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investors
 

Privacy - Useful resources for department staff

  • 1. About Privacy A resource for Departmental Staff
  • 2. CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU Understanding privacy obligations is important for all staff The Department of Education collects and manages a vast amount of information, much of it personal information about its staff, students and parents. As an employee, it is vital that you understand how to work with this information. 2
  • 3. CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU Which laws, regulations and guidelines set out Information Access and Privacy protocols? 3 Privacy and Personal Information Protection Act 1998 (PPIP) Government Information (Public Access) Act 2009 (GIPA) Health Records and Information Privacy Act 2002 (HRIP) GIPA Act Regulations Agency Privacy Management Plans (PMP) Privacy codes of practice Commissioner’s guidelines
  • 4. CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU What is personal information? 4 Personal information is information or an opinion about an individual. The individual’s identity needs to be apparent or reasonably ascertainable.
  • 5. CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU Sensitive and Health Information are types of personal information that require extra protection 5 Sensitive Information “Ethnic or racial origin, political opinions, religious or philosophical beliefs, ATSI status, country of birth, LBOTE and chosen/preferred SRE class” (s.19(1) PPIP Act) PPIPA Privacy and Personal Information Protection Act 1998 Health Information Information about an individual’s health, disability or health services (s.6 HRIP Act) HRIPA Health Records and Information Protection Act 2002 Note: The extra protection categories do not mean that these types of personal information can never be collected, used or disclosed. They just have tougher rules, so extra care is needed with these categories.
  • 6. CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU Collecting personal information is regulated by rules known as Privacy Principles 6 The information must: 1) Fulfil a lawful purpose 2) Be relevant 3) Be accurate It must not: 1) Be excessive 2) Be intrusive to an unreasonable extent on the personal affairs of the subject EXAMPLE Enrolment data, such as names, addresses, medical information, etc. is clearly authorised by the Department’s governing and other legislation for the purpose of operating schools effectively and safely.
  • 7. CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU Personal information should only be used for the primary purpose for which it was collected, unless: 7 The person has consented Where authorised or required by another law It is for a directly related secondary purpose within their reasonable expectations To deal with a serious and imminent threat to any person
  • 8. CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU Questions we must ask when collecting and using personal information include: 8 Is it reasonably necessary to include this particular data? If the Department received a complaint about breaching privacy, could we reasonably argue that the use or disclosure was necessary for us to do our core business? Is this data ‘directly related’ to my work?
  • 9. CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU Any information collected by the Department can only be used for limited purposes 9 Operational (School-level) • Allocation of classes • Determining demand for special religious education classes • Arranging for interpreters when needed for parent teacher interviews • Managing students with safety risks e.g. allergies Strategic (Departmental-level) • The calculation of the family occupation and education index (FOEI) for each school. • The allocation of resources for each school. For example: Enrolment data is collected for a primary purpose, which is to enrol a student. However, there are a range of directly related secondary purposes for which that data can be used, such as:
  • 10. CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU When collecting data, it is important that we tell people how we will use their information 10 • General student administration relating to the education and welfare of the student. • Communication with students and parents or carers. • To ensure health, safety and welfare of students, staff and visitors to the school. • State and National Reporting purposes.
  • 11. CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU 11 It allows staff to be aware of what data we have. The Business Unit knows who to go to for help or access to certain information. The privacy status for the dataset is made explicit. It identifies whether general release to the public is allowed (at an aggregated level, for instance). The Department’s Information Asset Register tells us what data we have and how we are protecting it
  • 12. CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU Some roles are more likely to deal with personal information on a daily basis 12 Data Analysts People and Services Staff Hiring Managers
  • 13. CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU Another role who may come across personal information is an Administration Support Officer 13 When dealing with data I must follow the appropriate steps: • Only use data relevant to my task (e.g. email addresses rather than survey responses). • Ensure I only use data for the purpose for which it was collected. • Make sure the data isn’t saved somewhere where it can be accessed by anyone outside the team responsible for it.
  • 14. CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU Recruitment also requires us to work carefully with personal information 14 A reminder: Do not put confidential or personal documents in the recycle box. It must be shredded first. . After receiving applicants’ resumes and identification documents we: • Must secure personal information – lock these away. • Should dispose of them by shredding them once the recruitment process is finished. • Must not disclose any personal information about the candidates to other people who are not part of the recruitment process.
  • 15. CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU The GIPA Act establishes a proactive, more open approach to gaining access to government information in NSW. This is to ensure Government is open, accountable, fair and effective. As part of The Government Information (Public Access) Act 2009 there is a presumption that data can be made readily available if needed 15 http://www.ipc.nsw.gov.au/gipa-act Data released under GIPA is still subject to a privacy test. The GIPA Act • Authorises and encourages the proactive release of information by NSW public sectors. • Gives members of the public a legally enforceable right to access government information. • Ensures that access to government information is restricted only when there is an overriding public interest against release.
  • 16. CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU Bradley Cooper’s taxi ride: a lesson in privacy risk. 16 http://www.salingerprivacy.com.au/2015/04/19/bradley-coopers-taxi-ride-a-lesson-in-privacy-risk/ • Salinger Privacy produced an article on privacy risks and ‘open data’. • Bradley Cooper’s taxi ride is a useful reminder of the risks of re-identification of data.
  • 17. CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU 17 We can disclose personal information outside the Department if: It is authorised or required by another law. It is under another exemption, such as law enforcement, research, etc. The information is not “sensitive information” (ethnicity, religion, etc), and disclosure is for the primary purpose for which it was collected. We have the consent of the individual.
  • 18. CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU We can disclose personal information outside the Department 18 When it is: Sensitive info Health info Other personal info with their consent for the purpose for which it was collected for a directly related secondary purpose (within expectations) for the purpose you notified them about authorised or required by another law, or another exemption
  • 19. CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU AGGREGATE DATA • Aggregate data: summary information, for example, data on schools in remote areas, broken down by school year, gender and Indigenous status. • Even with aggregate data, there is a risk that individual students or teachers could be identified from the data. Safeguards must be applied in such cases, with strategies to ‘anonymise’ the data. 19 UNIT RECORD DATA • Unit Record data: about a unique individual contains details that allows an individual to be identified, such as names, or a Student Registration Number. Types of data we deal with:
  • 20. CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU How the data we deal with can be released: 20 AGGREGATE DATA • Aggregate data is released on the basis that: 1. No information that permits the identification of individuals is released 2. Data released is valid and reliable 3. It is of high quality UNIT RECORD DATA • Unit record data may only be released on the basis that it: 1. Complies with privacy principles that says we can disclose personal information.
  • 21. CENTRE FOR EDUCATION STATISTICS AND EVALUATION WWW.CESE.NSW.GOV.AU More information or assistance Personal Information and Privacy Protection Act 1998 (PIPPA) http://www.legislation.nsw.gov.au/inforcepdf/1998-133.pdf?id=1db809e7-46ab-44c1-bce5-d12f0058a002 Health Records and Information Privacy Act 2002 (HRIPA) http://www.austlii.edu.au/au/legis/nsw/consol_act/hraipa2002370/ Department of Education Privacy Management Plan https://www.det.nsw.edu.au/media/downloads/reports_stats/privacy/privacy-management-plan-march-2014.pdf Department of Education Privacy Code of Practice http://www.dec.nsw.gov.au/documents/15060385/15385042/Privacy_code.pdf Department of Education Privacy & Information Access Resources Information Access - https://detwww.det.nsw.edu.au/lists/directoratesaz/legalservices/foi/index.htm (see also link to website) Privacy - https://detwww.det.nsw.edu.au/lists/directoratesaz/legalservices/ls/privacy/index.htm http://www.dec.nsw.gov.au/about-us/plans-reports-and-statistics/privacy Privacy Bulletin - https://detwww.det.nsw.edu.au/media/downloads/directoratesaz/legalservices/ls/privacy/bulletins/bulletin3.pdf Government Information (Public Access) Act 2009 (GIPAA) http://www.legislation.nsw.gov.au/maintop/view/inforce/act+52+2009+cd+0+N 21