Respondents’ rights to privacy and confidentiality are respected and their information is stored securely.
The protection of respondents’ information is a cornerstone of maintaining the integrity of the Official Statistics System. Public statements and actions concerning the protection of data help to maintain the cooperation and goodwill of respondents and allay public concerns about inadequate protection of individuals’ and business’ information.
This protocol sets out how Tier 1 statistics producers will meet their commitments to protect the confidentiality of statistical data within their care. Statistical data include those collected specifically through censuses and surveys for statistical purposes, as well as data derived from administrative systems.
The terms privacy, confidentiality and security are often used interchangeably but each term has a different meaning.
- Privacy refers to the ability of a person to control the availability of information about themselves.
- Confidentiality refers to the protection of individuals’ and organisations’ information, and ensuring that the information is not made available or disclosed to unauthorised individuals or entities.
- Security refers to how the publishing agency stores and controls access to the data it holds.
This protocol applies where an individual or entity has provided information in a relationship of trust, with the expectation that it will not be divulged to others without permission.
The protocol establishes policies for protecting respondent information when processing statistical data and publishing outputs, together with appropriate action in the event of unauthorised data disclosure.
It covers all statistical data that are required to be kept confidential, including those collected from people, households, businesses and other organisations, whether from surveys, censuses or administrative sources.
Unless explicitly required by law, this protocol applies equally to the living and those thought to be, or known to be dead. Similarly, the protocol continues to apply to businesses, organisations and other non-personal undertakings after they have ceased trading, merged, or been subject to a take-over.
State sector agencies should always consult any legislation guiding their department, and the Public Records Act 2005, Privacy Act 1993 and Statistics Act 1975 when in doubt of privacy, confidentiality or security law surrounding data.
Back to the summary of official statistics protocols