RESOURCES

 

The following can help you understand:

  • If it is appropriate your specific dataset to be hosted and used on our nationally-funded eResearch infrastructure
  • The legislative landscape in Australia with respect to human-derived data
  • Specific requirements in different Australian jurisdictions and laws affecting trans-border data flows
  • Circumstances when sharing of human-derived data for research purposes is permitted, and when it is not
  • Your responsibilities as a data custodian in ensuring data is secure
  • The responsibilities of infrastructure providers (like us) in providing tools and services so you can ensure human-derived data is secure

med.data Use Guide

Interactive tool to assist you understand if your specific dataset can be hosted and used on our nationally-funded eResearch computational infrastructure within the requirements of your ethics approval and institutional policiesRead More

Discussion Paper

Discussion paper outlining the Legal, Best Practice and Security Frameworks for consideration when using human-derived data in research in Australia.Read More

Summary of privacy legislation protecting individuals in research

Summary of legislation protecting individuals against the release of personal sensitive information to unauthorised parties – These cover situations both within the health sector (i.e. when personal health information from a patient is collected for the purposes of providing care), as well as situations when data derived from an individual is used in research. Includes privacy and health legislation and covers issues such as informed consent, ethics approval and trans-border data flows.Read More

Security requirements of IT systems for personal health information in Australia

Summary of the security requirements of an IT system intended to handle personal health information (including for research purposes) in Australia – as based on the 2015 Australian Guidelines for the Protection of Health Information (published by the Health Informatics Society of Australia) and the Australian Government’s Information Security Manual (ISM) (published by the Australian Signals Directorate).Read More

Guides describing technology services required when protecting
human-derived data

Outlining what each service does, when it should be used, and what the Australian controls are for that service.

Note: our infrastructure and associated technology services are currently suitable for storing data where individuals are not readily identifiable. Please contact us to find out more.

Identity Management

User Identity Management describes the service components required to accurately identify users of an IT system.Read More

User Authentication

User authentication is the act of determining whether someone is, in fact, who they declare they areRead More

Access Control

Access Control provides methodologies to ensure access to information is controlled in order to preserve confidentiality and integrity of information.Read More

Anonymisation

Anonymisation (or de-identification, confidentialisation) is a process that removes all personal identifying information from data that represents an identifiable individual. Read More

Encryption

Encryption is a method to render digital data unreadable by anyone other than authorised users. It can be used to provide a layer of security by making the data unreadable to anyone who is not authorised to view it.Read More