- Title page
- Purpose of the Protocols
- Implementation and Breaches of the Access, Security and Privacy Protocols
- Methods of Minimising Risk of Disclosure
- Statutory Background
- Review of the Protocols
- Appendix 1: Breach / Termination Of Contract
- Appendix 2: Secure Environment Guidelines
- Appendix 3: Confidentiality Agreement Form
- Appendix 4: Terms and Conditions for use of Human Resources Capability (HRC) Survey information by Central Agency staff
Methods of Minimising Risk of Disclosure
Departments submit the data to the SSC through a website, using encryption software. The encryption method ensures that data cannot be altered or viewed while it is being transferred.
For data management purposes, supplying departments provide a unique identifier for each record. In most cases, this identifier will be the payroll number. Direct identifiers such as names and addresses are not provided. Only supplying departments can link these identifiers to particular individuals and this information is not provided to the SSC. The identifiers are used to validate the data.
The steward and the custodians of the information are the only people who have access to the unit record data. The State Services Commissioner is the steward of the information. The custodians of the data are authorised staff members, designated from time to time by the Commissioner, and may include contractors and secondees granted access to work with this data for legitimate purposes. They have access to the unit level data for the purposes of further in-depth analysis and to manage the data.
The data are stored at the SSC. The database is subject to the SSC's storage and backup protocols, and only the database administrator has direct access to its tables and structure.
From time to time, authorised users of the data (either employees or contractors) may require a copy of the dataset for analysis (off-site access). The guiding principle here is one of "safe custody". The SSC must be assured that the data are going into safe custody before access is granted. The general principles that the SSC expects a contractor or an employee to follow to implement a secure environment for off-site use are attached as Appendix 2.
Where contractors require off-site access, the dataset will be limited to information required to complete the contract, and other variables will be deleted.
The SSC relies on departments that provide personal information to ensure, as far as possible, that the data are accurate. Validity testing procedures are used to check the data accuracy, and where errors are discovered they are referred back to the supplying departments. The SSC will only alter departmental data with the agreement of the supplying department, as they are the owners of the data. Because the collection is anonymous, the SSC cannot alter information at the request of an individual employee, as we have no way of identifying the individual's record.