Ministers' Office Handbook
About this Privacy Management Plan
This Privacy Management Plan (‘the Plan’) applies to the staff of political office holders under Part 2 of the Members of Parliament Staff Act 2013 (‘Ministerial offices’). The purpose of this Plan is:
- to demonstrate how Ministerial offices uphold and respect the privacy of citizens, staff and others about whom the offices hold personal information, and
- to explain to staff of Ministerial offices how they can meet their privacy obligations under the Privacy and Personal Information Protection Act 1998 (NSW) (‘the PPIP Act’) and the Health Records and Information Privacy Act 2002 (NSW) (‘the HRIP Act’).
Ministerial offices collect, hold, use and disclose personal information for the purpose of carrying out their functions.
Ministers and their staff are required to comply with the PPIP and HRIP Acts. Both of these Acts prescribe ‘privacy principles’. The PPIP Act covers personal information other than health information and requires agencies to comply with twelve information protection principles (‘IPPs’) that cover the full ‘life-cycle’ of information from the point of collection through to the point of disposal.
Both the PPIP Act and the HRIP Act contain criminal offences applicable to staff who use or disclose personal information or health information without authority. For example, there are criminal offences relating to:
- the corrupt disclosure and use of personal and health information by public sector officials, and
- offering to supply personal or health information that has been disclosed unlawfully.
Personal information means ‘information or an opinion … about an individual whose identity is apparent or can reasonably be ascertained from the information or opinion’.
In every case, it is necessary to consider whether each item of information, individually or in combination with other items, is ‘about an individual’. Ministerial offices must evaluate the facts of individual cases before deciding if information is ‘personal information’, in the same way that they are required to determine whether the identity of the individual can reasonably be ascertained.
For example, personal information can include information that is recorded (e.g. on paper or in a database), but also information that is not recorded (e.g. verbal conversations). It can even include physical things like a person’s fingerprints, tissue samples or DNA. The important thing is that it is ‘about an individual’ and their identity can reasonably be ascertained from it.
Some things are exempt from being ‘personal information’ including information about a person who has been dead for more than 30 years and information about an individual in a document kept in a library, art gallery or museum for the purposes of reference, study or exhibition.
Principle 1: Limiting the collection of personal information
Ministerial offices will only collect personal information if:
- it is for a lawful purpose that is directly related to their functions, and
- it is reasonably necessary to have the information.
Ministerial offices will avoid collecting sensitive personal information and won’t ask for personal information unless it is needed.
Principle 2: Anonymity
Ministerial offices will allow people to receive services anonymously where lawful and practicable.
Principle 3: Unique identifiers
Ministerial offices will only identify people by using unique identifiers if it is reasonably necessary for their functions. Identifiers can assist with efficient records management but they also pose privacy risks by being able to match large quantities of data from different sources.
Principle 4: Collecting personal information
Ministerial offices will collect personal information directly from the person that it is about. A person may however authorise another person to provide personal information on their behalf, or in the case of a child under 16 years old information may be collected from their parent or guardian.
Ministerial offices will not collect personal information by unlawful means or information that is intrusive or excessive. All personal information that is collected must be relevant, accurate, up-to-date, complete and not misleading.
Principle 5: Notification
When collecting personal information Ministerial offices will take reasonable steps to tell the person:
- who will hold and/or have access to their personal information,
- what it will be used for,
- what other organisations (if any) routinely receive this type of personal information,
- whether the collection is required by law,
- what the consequences will be for the person if they do not provide the information, and
- how the person can access their personal information.
Principle 6: Security safeguards
Ministerial offices will take all security measures that are reasonable to protect personal information from loss, unauthorised access, use, modification or disclosure. This includes where the Ministerial office engages third parties to perform services for or on their behalf.
Ministerial offices will ensure personal information is stored securely, not kept longer than necessary, and disposed of securely and appropriately.
Principle 7: Transparency
Ministerial offices will enable anyone to know:
- whether they are likely to hold their personal information,
- the purposes for which they use personal information, and
- how a person can access their own personal information.
Principle 8: Access
Ministerial offices will allow people to access their personal information without unreasonable delay or expense. Access will only be refused where authorised by law and written reasons will be provided.
Principle 9: Correction
Ministerial offices will allow people to update or amend their personal information to ensure that it is accurate, relevant, up-to-date, complete and not misleading.
If a Ministerial office is not prepared to amend an individual’s personal information they will instead allow the person to attach a statement setting out the amendments sought to the record.
Principle 10: Accuracy
Before using or disclosing personal information Ministerial offices will take reasonable steps to ensure that the information is relevant, accurate, up-to-date, complete and not misleading.
Principle 11: Use
Ministerial offices may use personal information for:
- the primary purpose for which it was collected,
- a directly related secondary purpose within the reasonable expectations of the person, or
- another purpose if the person has consented.
Principle 12: Disclosure
Ministerial offices will only disclose personal information if:
- at the time they collected their information, the person was given a privacy notice informing them their personal information would or might be disclosed to the proposed recipient, or
- the disclosure is directly related to the purpose for which the information was collected, and the office has no reason to believe that the individual concerned would object to the disclosure, or
- the person concerned has consented to the proposed disclosure.
Any person may make a privacy complaint by applying for an internal review of the conduct they believe breaches an IPP and/or an HPP. All written complaints about privacy are considered to be an application for internal review. Ministerial offices are required to follow the requirements in Part 5 of the PPIP Act when carrying out an internal review.
Making a complaint – internal review
An application for internal review must:
- be in writing,
- be addressed to the Ministerial office being complained about,
- specify an address in Australia at which the applicant is to be notified of the outcome, and
- be lodged at the Ministerial office being complained about within six months from the time the applicant first became aware of the conduct that they want reviewed.
An application for internal review may be made on behalf of someone else.
The Ministerial office being complained about may accept late applications.
Internal reviews should follow the process set out in the NSW Information and Privacy Commission’s Internal Review Checklist.
When the internal review is completed the applicant should be notified in writing of:
- the findings of the review,
- the reasons for the finding, described in terms of the IPPs and/or HPPs,
- any action the Ministerial office being complained about proposes to take or has taken,
- the reasons for the proposed action(s) (or no action), and
- the applicant’s entitlement to have the findings and the reasons for the findings reviewed by the NSW Civil and Administrative Tribunal.
A copy of the notification should be forwarded to the Privacy Commissioner.
External review by the NSW Civil and Administrative Tribunal
After an internal review is completed, the applicant may apply to the NSW Civil and Administrative Tribunal (‘the NCAT’) for an external review. Generally a person has 28 days from the date of the internal review decision to seek an external review. In an external review, the NCAT may decide:
- not to take any action,
- to require the Ministerial office being complained about to stop any conduct or action which contravenes an IPP or HPP,
- to require the performance of an IPP or HPP,
- to correct information that has been disclosed, or
- to take steps to remedy loss or damage.
The NCAT may also require a Ministerial office to pay damages of up to $40,000 if the applicant has suffered financial loss or psychological or physical harm as a result of the conduct.
Information about review in the NCAT can be found in: Steps in a privacy matter.