Use and Disclosure
The public authority employees are only provided with or have access to the personal information that is necessary for them to carry out their functions within the Department. All employees are bound to maintain appropriate confidentiality in relation to information acquired in carrying out their duties.
Personal information will be used only for the purposes described in the Information Collected section above. Personal information will only be disclosed with the person's consent, or if it is required by or authorised by law.
There may be a need or requirement to disclose some or all of the personal information the public authority collects to contractors and agents of the Department, law enforcement agencies, courts, or other public sector bodies.
Personal information collected and used in research, statistical analysis, state or national reporting, awareness programs, public statements or training in a de-identified form, so that the person to whom it relates cannot be identified, ceases to be 'personal information' for the purposes of the PIP Act.
Personal information in written submissions on policy matters or matters of public consultation may be disclosed in reports that are made public, unless the submission was submitted and/or accepted on a confidential basis.
Security of Personal Information
The public authority uses a number of procedural, physical, and technical safeguards, including access controls, secure methods of communication and back-up and recovery systems to protect information from misuse and loss, unauthorised access, modification and disclosure.
Generally, there is an intention that information is destroyed or permanently de-identified when it is no longer required, but this can only be done in accordance with processes approved by the State Archivist under the Archives Act 1983.