Privacy and Responsible Information Sharing Policy - Policies

资产发布器

1. Policy statement

The Department of Education (the Department) is committed to protecting the privacy of personal and health information it collects, holds, manages, uses, discloses and shares, in accordance with relevant legislation and policies, in the fulfilment of its functions and activities.

2. Policy rules

All employees must manage personal, including sensitive, and health information in accordance with the Privacy and Responsible Information Sharing (PRIS) Framework.

3. Responsibility for implementation and compliance

All employees are responsible for implementing this policy.

The Information Privacy and Governance team is responsible for compliance monitoring.

4. Scope

This policy applies to all employees.

5. Definitions

Personal Information

Personal Information means information or an opinion, whether true or not, and whether recorded in material form or not, that relates to an individual, whether living or dead, whose identity is apparent or can reasonably be ascertained from the information or opinion, and includes:

a name, date of birth or address
a unique identifier, online identifier or pseudonym
contact information
information that relates to an individual’s location
technical or behavioural information in relation to an individual’s activities, preferences or identity
inferred information that relates to an individual, including predictions in relation to an individual’s behaviour or preferences and profiles generated from aggregated information
information that relates to one or more features specific to the physical, physiological, genetic, mental, behavioural, economic, cultural or social identity of an individual

Sensitive Personal Information

Sensitive Personal Information means personal information that relates to an individual’s:

racial or ethnic origin
gender identity (when differs from designated sex at birth)
sexual orientation or practices
political opinions or memberships of a political association
religious beliefs or affiliations
philosophical beliefs
memberships of a professional or trade association or trade union
criminal record
health information or genetic information
biometric information that is to be used for the purpose of automated biometric verification or biometric identification
biometric templates.

Health Information

Health Information means personal information that relates to an individual’s health, illness, disability or injury. This includes an individual’s expressed wishes about the future provision of health services, or a health service provided or to be provided to an individual. Health information also includes other personal information collected, to provide, or in providing, a health service to an individual.

For example, health information may include:

notes of symptoms or diagnosis
specialist reports and test results
prescriptions and other pharmaceutical purchases
dental records
appointment and billing details
information collected in connection with donations or intended donations of organs, body parts or body substances
genetic information that is, or could be, predictive of the health of an individual or a genetic relative of an individual.