3. Best practice guidelines
A comprehensive set of guidelines describing best practice for data integration projects involving Commonwealth data for statistical and research purposes will be jointly developed by a cross government working group and approved by the Board. These guidelines will build upon already available guidelines (e.g. National Statement on Ethical Conduct in Human Research, related guidelines of the Office of the Privacy Commissioner, and agency specific guidelines and proformas).
The guidelines will be considered in conjunction with legislation relevant to the data custodians, data providers and the integrating authority.
The guidelines will cover such areas as:
- Privacy including Privacy Impact Assessments and the protection of privacy in medical research (1)
- Agreements – between data custodians and the integrating authority; or with end users
- Responsibilities of custodians and integrating authorities including accreditation criteria and accreditation process
- Handling of identifiers and application of the separation principle, for example, the separation of identifiers and key demographic data used for linking (e.g. date of birth) from the individual content or event information (e.g. clinical or benefit information)
- Minimum standards for the secure management of data during and after integration, including the exchange of sensitive data across agencies
- Minimum standards for consent to access Commonwealth data
- Confidentialising of integrated data sets and research outputs
- Managing access and use of integrated data sets
- Minimum standards for data destruction or review.
The guidelines will be developed progressively, commencing in 2011 with guidelines relating to integrating authorities. They will be made publicly available on an internet site, and maintained by the Secretariat to the Board.
(1) Privacy Act 1988 Section 95 Medical Research Guidelines available at
Return to Contents Page