Now that we have completed the January to June reporting period, and have already started work on the July to December period, organisations are reminded of their privacy obligations that they should not share log on details between staff. It is important to note that, at no time should service providers provide identifiable client information to the Department outside of the Data Exchange, for instance as part of telephone or email communications. Each person accessing the Data Exchange is required to have their own user account, and should not share log on details between staff. This requirement protects client privacy, ensures client consent is appropriate and provides transparency for organisations in the management of their data.
More information about privacy can be found in:
- A factsheet on how privacy is protected in the Data Exchange, to aid organisations conversations about privacy with their clients;
- The Privacy Impact Assessment, which confirms the Data Exchange is operating in line with the Privacy Act 1988.