Privacy and Security

The primary objective of the PHRN and its Data Linkage Units is to provide approved access to reliable health and health-related information for research projects that will benefit the Australian community and are conducted in a way that maximises the protection of people's privacy.

The continued protection of personal information, the preservation and respect of individual privacy and the implementation of a secure data management system are all critical to the success of the PHRN and its operating nodes and data linkage units.

The PHRN has implemented a number of procedures to ensure the best possible privacy and security practices are in place:

  • a privacy management framework
  • a range of privacy, security, communication and information management policies
  • ongoing privacy impact assessments
  • a legal consultant specialising in privacy issues to advise and guide on policy and practice
  • an Ethics, Privacy and Consumer Engagement Advisory Group
  • consumer representatives to provide advice and training
  • leading-edge technology to ensure information technology, software and data management systems meet the highest security standards
  • a public website to educate and inform, including a 'Frequently Asked Questions' section
  • an extensive governance and management system to ensure accountability.

The PHRN data linkage process is subject to a wide range of legislation aimed at protecting the data used and people's privacy. The work carried out by the PHRN is governed by legal, contractual, criminal and confidentiality obligations under a number of laws and regulations. Because the PHRN operates nationally, the linkage units and project participants must satisfy the regulations of several jurisdictions to ensure the safe and secure handling of data.

Data collections used for health research are generally covered by specific legislation. The legislation authorises the collection and use of information in these statutory data collections without the consent of individuals due to the strong public interest and value in the use of the data for the health and well-being of all Australians.

In addition, the PHRN is involved in ongoing consultation with consumer and community representatives so that its management understands and responds effectively to public views and queries.

Best Practice Privacy-Preserving Protocol

Prior to the introduction of data linkage it was common practice to provide researchers with complete data sets or collections containing both the content information (health information such as diagnosis and treatment) and personal information (e.g. name, address, date of birth).

A strength of the PHRN data linkage process is that it enables population-level research to be conducted under a secure system aimed at protecting a person's identity. This is done by the use of linkage keys, which replace personal information in health records, allowing records from the same person to be extracted from different data collections whilst protecting their identity.

The separation of this identifying information serves as the basis for a robust privacy-preserving 'best practice' protocol which the PHRN and each of the state and territory data linkage units apply.
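The separation principle described above can be illustrated in code. The following is an added example, not PHRN or Data Linkage Unit software: it assumes that the linkage unit holds only identifying details and a record-to-person map, that each data custodian holds only content, and that linkage keys are derived per project with an HMAC over a secret the linkage unit alone holds (an assumption about key derivation, not something the page states). All person, record and clinical values are constructed sample data.

```python
import hmac
import hashlib

# Constructed sample data (not PHRN data). The linkage unit holds identifying
# details only; no clinical content ever sits alongside them.
MASTER_LINKAGE_MAP = {
    "P001": {"name": "Alice Example", "dob": "1970-01-01", "address": "1 Sample St"},
    "P002": {"name": "Bob Example", "dob": "1985-06-15", "address": "2 Sample St"},
}

# Constructed: the linkage unit's resolution of each custodian's own record ids
# to a person. In practice this comes from matching on identifiers; here it is given.
RECORD_TO_PERSON = {
    ("hospital", "H-1"): "P001",
    ("hospital", "H-2"): "P002",
    ("hospital", "H-3"): "P001",
    ("deaths", "D-9"): "P002",
}

# Constructed content held by the custodians, keyed by their own record ids.
HOSPITAL_CONTENT = [
    {"record_id": "H-1", "diagnosis": "I21", "admitted": "2019-03-02"},
    {"record_id": "H-2", "diagnosis": "J18", "admitted": "2020-11-20"},
    {"record_id": "H-3", "diagnosis": "I50", "admitted": "2021-07-14"},
]
DEATHS_CONTENT = [
    {"record_id": "D-9", "cause": "J18", "date": "2021-01-05"},
]

# Fields that must never reach a researcher.
IDENTIFYING_FIELDS = {"name", "dob", "address", "record_id"}


def project_linkage_key(person_id: str, project_secret: bytes) -> str:
    """Derive a project-specific linkage key (assumed design: HMAC-SHA256 over a
    per-project secret held only by the linkage unit). Keys issued for one project
    therefore cannot be joined with keys issued for another."""
    return hmac.new(project_secret, person_id.encode(), hashlib.sha256).hexdigest()[:16]


def dlu_key_file(collection: str, project_secret: bytes) -> dict:
    """What the linkage unit sends a custodian: record_id -> linkage key, nothing else."""
    return {
        rid: project_linkage_key(pid, project_secret)
        for (coll, rid), pid in RECORD_TO_PERSON.items()
        if coll == collection
    }


def custodian_extract(content: list, key_file: dict) -> list:
    """Custodian swaps its own record_id for the linkage key and releases content only."""
    out = []
    for row in content:
        row = dict(row)
        key = key_file[row.pop("record_id")]
        out.append({"linkage_key": key, **row})
    return out


def contains_identifiers(rows: list) -> bool:
    """True if any released row still carries an identifying field."""
    return any(IDENTIFYING_FIELDS & set(r) for r in rows)


def researcher_join(hospital_rows: list, death_rows: list) -> dict:
    """Researcher groups records from both collections by linkage key alone."""
    joined = {}
    for r in hospital_rows:
        joined.setdefault(r["linkage_key"], {"hospital": [], "deaths": []})["hospital"].append(r)
    for r in death_rows:
        joined.setdefault(r["linkage_key"], {"hospital": [], "deaths": []})["deaths"].append(r)
    return joined


def run_project(project_secret: bytes) -> dict:
    """Full flow for one approved project: key files, custodian extracts, researcher join."""
    hosp = custodian_extract(HOSPITAL_CONTENT, dlu_key_file("hospital", project_secret))
    deaths = custodian_extract(DEATHS_CONTENT, dlu_key_file("deaths", project_secret))
    # Release check: no identifying field may leave the custodian.
    if contains_identifiers(hosp) or contains_identifiers(deaths):
        raise ValueError("extract contains identifying fields")
    return researcher_join(hosp, deaths)


if __name__ == "__main__":
    for key, recs in run_project(b"project-A-secret").items():
        print(key, len(recs["hospital"]), "hospital records,", len(recs["deaths"]), "death records")
```

The point of the layout is that no single party holds both halves: the linkage unit never sees diagnoses, the custodian never learns which of its records belong to the same person across collections, and the researcher works with keys that are meaningless outside the project that issued them.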

Governance, Policies and Contracts

PHRN governance arrangements ensure that the responsibilities for the protection of privacy are clearly defined and allocated. This is achieved using contracts to bind participating organisations and individuals to privacy obligations. Participants must also comply with a comprehensive list of agreed PHRN policies including Privacy, Ethics and Scientific Review, Consumer and Community Participation, and Security.


In addition:

  • All of the collaborating institutions in the PHRN are bound by funding agreements which contain privacy conditions, including the obligation to comply with the Information Privacy Principles in the Privacy Act 1988 (Commonwealth).
  • PHRN data linkage staff with access to personal health information are required to sign confidentiality agreements.
  • Researchers who are provided with approved health data are required to also sign confidentiality agreements.

Managing access to information

Applications for access to data are carefully scrutinised. Applications must be reviewed by the data custodian in charge of the records and by a Human Research Ethics Committee (HREC) to ensure that only the information absolutely necessary for the fulfilment of the research project is provided.

The use, disclosure and retention of information is also limited. For example:

  • Researchers are only permitted to use the information for the particular project they have received approval for, and in the precise way that has been approved
  • Each researcher working on a project must be identified and approved and the information may not be given to another person
  • The information may only be kept for the period of time approved for the research project and it must then be returned to the data custodian or destroyed. This condition is managed by either the contract the researcher has with a data custodian, their HREC approval conditions or by arrangement with the data linkage unit

Both the HREC and the data custodians have the right to audit and monitor whether the researchers are adhering to the agreed security and data disposal plans. Researchers who do not follow the agreed plans are in breach of both their contracts with the data custodians and their HREC approval.

Potential consequences of non-compliance include:

  • HREC approval suspended or withdrawn (this would stop the researchers completing the project or publishing the results)
  • Data custodians refusing to provide data to the researcher in the future
  • Data custodians refusing to provide data to the researcher's institution in the future
  • Legal action over the breach of contract.

In addition, the PHRN is supporting the effective implementation of its privacy policies by designing and organising appropriate training for researchers using the PHRN infrastructure to access national data. Training will also be offered to members of Human Research Ethics Committees to improve understanding of data linkage and the protection of privacy within it.

Privacy Impact Assessments

Privacy Impact Assessments (PIAs) are an important tool in understanding and addressing the privacy impacts of the work of the PHRN. A PIA provides a point-in-time assessment of privacy matters, including perceived risks relating to legal compliance, security and the meeting of community expectations. The PHRN is commissioning PIAs at a number of stages in the development of the Network to ensure privacy requirements continue to be met.

Security

The PHRN has been developing a robust information security program designed to offer the highest level of protection to data involved in linkage and research.

Information security controls used by the PHRN's Data Linkage Units (DLUs) can be divided into four key categories:

Physical Security - DLUs must ensure strict security barriers and entry controls are in place at all locations where data records are stored.

IT Security - Stand-alone networks, firewalls, password protection, anti-virus software and encryption for data transfer must be standard practice at all PHRN DLUs.

Personnel Security - Access to data is limited to those personnel whose work responsibilities specifically require it.

Administrative Security - Extensive work has been completed on a range of approved written policies, procedures, standards, guidelines, security training and risk assessments that guide the ongoing security management of all PHRN DLUs. External reviews have also been completed.

A number of security measures are also in place to ensure the data remains safe once provided to the approved researchers. These include:

  • approval of security plans by Human Research Ethics Committees and data custodians
  • legally binding contracts and confidentiality agreements with data custodians
  • successful completion of compulsory online researcher training covering privacy and security
  • receipt of data from custodians in encrypted form.