How we manage your personal and health information

How DCS manages your personal and health information

The section provides an overview of how we manage personal and health information in accordance with the information protection principles and health privacy principles in the privacy legislation. 

Collection 

We collect personal and health information that is reasonably necessary to fulfil our functions and activities through lawful means. We provide the required notice at the time of collection or as soon as reasonably practicable.

A privacy collection notice is a statement notifying a person of what they need to know when we are collecting their personal information. This includes what personal information we are collecting, why we are collecting it and how we will be using it. This notice may appear on application forms, on a web page, recorded message or in a verbal notice (via phone scripts).

We will ensure that when we design forms, communicate with members of the public (face to face, over the telephone and in writing), and collect information from individuals we do not seek personal or health information that is intrusive or excessive, and that the personal and health information we do collect is relevant, accurate, up-to-date and complete.

We avoid collecting sensitive information if we do not need it. Sensitive information is personal information relating to an individual’s ethnic or racial origin, political opinions, religious or philosophical beliefs, trade union membership or sexual activities. 

We generally collect personal or health information directly from the person. We generally provide a privacy collection notice when we collect personal information unless it is not required.

We only collect information from a third party where:

• the person has authorised collection of the information from someone else
• the person is under 16 years of age – we may then collect personal information from the person’s parent or guardian
• in the case of health information, it would be unreasonable or impracticable to collect information from an individual. If this is the case, we take reasonable steps to ensure that individual is aware of the collection

The NSW Health Privacy Manual for Health Information provides other examples of when it might be “unreasonable or impractical” to collect health information directly from the person.

If your information is to be used for a purpose other than what it is collected for, your consent is required to be specifically sought. This consent will be in addition to any privacy statement or collection notice. Consent means ‘express consent or implied consent’ and should:

• adequately inform you prior to giving consent
• be provided voluntarily
• be current and specific
• consider your capacity to understand and communicate your consent.

You can provide express consent either orally or in writing. Implied consent arises where it may be reasonable inferred in the circumstances from your conduct or actions. Silence is not consent. ‘Voluntarily’ should be understood to mean that there was a genuine opportunity for you to provide or withhold your consent. Consent is not voluntary where there is pressure that could overpower your will.

Storage and security 

DCS takes reasonable security safeguards to protect personal and health information against loss, unauthorised access, use, modification, or disclosure. We will ensure personal and health information is stored securely, not kept longer than necessary, and disposed of appropriately. 

We maintain security measures, including technical, physical and administrative actions, to protect information from unauthorised access and misuse. 

Examples of how we secure and retain personal information include: 

• maintaining and continually improving information security management systems that comply with ISO/IEC 27001:2022 standard
• aligning our obligations under the Cyber Security Policy
• Complying with DCS’s obligations under the State Records Act NSW
• Adopting best practice in the storage, retention and disposal of personal and health information in accordance with the DCS Records Management policy.
• providing mandatory information security awareness training to DCS employees. 

Access and accuracy  

Accuracy 

Before using personal or health information we take reasonable steps to ensure that the information is relevant, accurate, up-to-date, complete and not misleading. We ensure the accuracy of the information by collecting it directly from individuals if possible.

Transparency 

We tell you what personal information about you is being stored, why it is being used and your rights to access it. You can make enquiries at any time to find out if we hold personal or health information about you.

Access 

Once we have confirmed your identity, you may access your personal and health information without unreasonable delay or expense. We will only refuse access where authorised by law, and we will provide written reasons, if requested. 

Amendment 

Once we have confirmed your identity, you may update or amend your personal or health information held by us to ensure it is accurate, relevant, up-to-date, complete and not misleading. We encourage you to contact us when your information changes.

If the information we hold is accurate, relevant, up-to-date, complete and not misleading but you insist on an amendment, we can decline to make any changes. However, you may be able to add a statement to our records. For example, it may be appropriate to attach a statement, instead of amending information, for a disputed medical diagnosis or for a person with a criminal record maintaining their innocence.

How your information is used

When we talk about ‘use’ of personal and health information, it refers to the way we handle and share information within DCS to perform our functions. This includes providing information to contractors engaged by DCS to manage information on our behalf in circumstances where DCS retains control over the handling and use of the information.

Generally, we only use personal and health information for the purpose for which it was collected. The purpose should be set out in the privacy notice at the time of collection.

We may use personal and health information:

• for the primary purpose for which it was collected
• for a directly related secondary purpose
• another purpose where it is reasonably necessary to prevent or lessen a serious and imminent threat to life or health
• another purpose for which the person has consented
• another purpose where permitted by law.

We may also use personal and health information for a directly related secondary purpose. A directly related secondary purpose is a purpose that is very closely related to the purpose for collection and would be the type of purpose that people would quite reasonably expect their information to be used for. For example, information collected during the licence application process may be used to send licence renewal notices. Further to the circumstances set out above, we may also use health information to lessen or prevent a serious threat to public health or safety; management of health services; training; research purposes; finding a missing person; for law enforcement purposes and in respect of suspected unlawful activity, unsatisfactory professional conduct or breach of discipline.

Disclosure 

Disclosure is different to 'use'. We may disclose information when we disclose it to someone outside the agency.

Stricter rules apply to specific information.

We can generally disclose health information when the person has consented to the disclosure; the disclosure is directly related to the purpose for which it was collected, and the individual would reasonably expect us to disclose the information for that purpose; or the disclosure is necessary to prevent or lesson a serious or imminent threat to life, health or safety. 

Disclosing sensitive information (e.g. a person’s ethnic or racial origin, political opinions, religious or philosophical beliefs, trade union membership or sexual activities) is generally only allowed with the person’s consent.

We can generally only disclose personal or health information to someone outside NSW, or to a Commonwealth agency if one of the following applies:

• they are subject to a law, scheme or contract that upholds principles substantially similar to the information privacy principles
• the individual concerned has consented
• if it is necessary for a contract with (or in the interests of) the individual concerned
• if it will benefit the individual concerned and it is impracticable to obtain their consent but we believe the person would be likely to give their consent
• this disclosure is reasonably believed by the public sector agency to be necessary to lessen or prevent a serious and imminent threat to the life, health or safety of the individual or another person
• we have taken reasonable steps to ensure the information won’t be dealt with inconsistently with the information privacy principles e.g. we have bound the recipient by contract to privacy obligations equivalent to the principles, or
• if it is permitted or required by legislation or any other law.

Requests for personal or health information from outside bodies, including from government agencies, will be assessed to determine whether we are permitted to provide the information.

Health information and identifiers 

In relation to health information, we generally do not identify individuals by using unique identifiers to carry out our functions. We do not provide health services, except to employees through contracted service providers and it would not be practicable in these circumstances to allow individuals to remain anonymous. We may collect identifiers from third parties. Identifiers are used to uniquely identify an individual and their health records. An identifier does not need to use a person’s name as they are designed to be unique to a specific individual (for example, a customer number, unique patient number, tax file number or drivers licence number). We do not use a health records linkage system.