FIVE SAFES OR TRUSTED ACCESS PRINCIPLES
The five safes, or trusted access principles, must be applied when sharing and/or using public sector data under the Public Sector (Data Sharing) Act 2016. The five safes are:
- safe projects
- safe people
- safe data
- safe settings and
- safe outputs.
ODA's data sharing agreement forms are based on the five safes, providing guidance to agencies and organisations as to whether data sharing is appropriate under the various provisions. Public sector agencies must only share their data if they are satisfied that the data recipient meets all the criteria of the five safes.
Safe Projects
The purpose for which data is to be shared and used must be appropriate.
- Is the data necessary for the purpose?
- What is the proposed use of the data?
- Will the purpose of the data sharing or use be of value to the public?
- Does positive public interest outweigh any negative public interest?
- Is there a risk of loss, harm or other detriment to the community if the sharing and/or use of the data does not occur?
Safe People
The public sector agency that receives the data must be an appropriate recipient.
- Are they appropriately equipped and do they possess the relevant skills and experience to effectively use the data for the proposed purpose?
- Will they restrict data access to only specified persons with the appropriate security clearance/s?
- Can or will they engage with the agency providing the information to support the use of the data for the purpose?
- Are other persons or bodies in addition to the agency recipient invested in the outputs of the project, and what are the motivations of those persons or bodies?
The Office for Data Analytics conducts detailed assessment, vetting and screening of staff to act as a best practice reference for agencies for Safe People. Agencies should consider whether vetting through AGSVA (Australian Government Security Vetting Agency), or screening such as DHS child-related employment or SAPOL criminal association checks, is required for staff.
Safe Data
Data to be shared and used for a purpose must be appropriate for that purpose.
- Is the data of the necessary quality for the proposed use (e.g. sufficiently accurate, relevant and/or timely)?
- Does the data relate to people?
- If data containing personal information is to be de-identified, how will de-identification and subsequent re-identification occur?
In most circumstances, data will need to be de-identified before being shared. See FAQs for exceptions to this rule.
Safe Settings
The environment in which the data will be stored, accessed and used by the agency receiving the data must be appropriate.
- Is the physical location where the data will be stored and used appropriate?
- Is the location of any linked data sets appropriate?
- Does the agency receiving the data have appropriate security and technical safeguards to ensure data remains secure and not subject to unauthorised access and use?
- What is the likelihood of deliberate or accidental disclosure or use occurring?
- How will data be handled after it has been used/shared for the specified purpose?
The classification of information being shared should also be considered - aggregated datasets will most likely increase the classification level. Please refer to the Federal Government's protective marking information for further information.
The Office for Data Analytics is obtaining certification to handle data up to and including PROTECTED from an Australian Signals Directorate (Department of Defence) approved IRAP (Information Security Registered Assessors Program) assessor. This certification also covers physical security against the Protective Security Policy Framework to hold PROTECTED and limited amounts of CONFIDENTIAL information.
Safe Outputs
The publication or other disclosure of the results of data analytics work conducted on data shared under the Act must be appropriate.
- What is the nature of the proposed publication or disclosure?
- Who is the likely audience of the publication or disclosure?
- What is the likelihood or extent to which the publication or disclosure may contribute to the identification of a person to whom the data relates?
- Will the results of the data analytics work or other data for publication or disclosure be audited and/or will that process involve the provider agency?
The Office for Data Analytics can advise on minimising risk of re-identification in published results or datasets. If published, consideration should be given to methods such as perturbation, aggregation and publishing of multiple data slices to avoid the need for micro datasets.
Prescribed Health Information
If data sharing is prohibited under one of the following health provisions, an additional ‘safe’ has been prescribed that requires that the data not be shared or disclosed without the prior approval of the Minister for Health:
- section 18 of the Assisted Reproductive Treatment Act 1988;
- sections 66 and 73 of the Health Care Act 2008;
- regulation 27 of the Health Care Regulations 2008;
- section 216 of the Health Practitioner Regulation National Law;
- sections 99 and 100 of the South Australian Public Health Act 2011;
- section 39 of the Transplantation and Anatomy Act 1983; and
- under the National Health Funding Pool Administration (South Australia) Act 2012.
In that case, ensure that the data sharing form includes the Minister for Health's signature.
SA NT DataLink
A further ‘safe’ has also been prescribed in relation to data sourced for the purposes of SA NT DataLink. If data has been disclosed to the provider agency by a person or body that is not a public sector agency for the purposes of SA NT DataLink, the data cannot be shared by the agency without the prior approval of the person or body who disclosed that data to the agency in the first instance.