All integrating authorities are required to have a policy environment that provides strong support to ensure that no identifiable data is disclosed. To achieve this, integrating authorities should have policies and protocols covering areas including:
- use of ethics committees (if applicable);
- data linkage, merging and application of the separation principle – see project delivery;
- confidentiality and privacy – see the confidentiality section;
- data security, including both physical and IT security systems ;
- data transfer;
- data destruction and storage – see Information and communication technology security;
- data breaches;
- (data) return to source – the High Level Principles for Data Integration Involving Commonwealth Data (Principle 5 – Statistical and Research Purposes) note that there must be no feedback of information relating to individuals or individual businesses from the statistical data integration project back to the originating administrative sources, unless that feedback was derived from a single source and is returning the same data to the source;
- transparency;
- audit and review processes;
- data access; and
- project governance.
Accredited Integrating Authorities must meet a range of criteria that demonstrate they have the legislative and policy environment to support these elements. For information on the approaches that accredited Integrating Authorities have taken to ensure these areas are well managed, please see the summarised versions of their applications for accreditation.
For more information on the role of integrating authorities see:
- Drafting project agreements
- Manage datasets for the duration of data integration projects
- A protective policy environment
- Technical infrastructure and expertise
- Technical resources for integrating authorities
- The separation principle
- Transparency in operations