Privacy policy

The Department of Human Services’ Privacy Policy explains how we handle your personal information. We’ll update this policy when our information handling practices change.

The Privacy Act 1988 requires us to have a privacy policy.

Our Privacy Policy outlines what kinds of personal and sensitive information we collect, why we collect this information, and how we handle it.

‘Personal information’ is information or an opinion about an identified individual or an individual who is reasonably identifiable.

‘Sensitive information’ is a subset of personal information and includes information or an opinion about your:

  • racial or ethnic origin
  • political opinions
  • religious beliefs or affiliations
  • philosophical beliefs
  • sexual orientation
  • criminal record
  • health information
  • genetic information

What we collect

We may collect personal information about you when it’s reasonably necessary for, or directly related to, our functions or activities. We may collect sensitive information about you where you consent, when the collection is authorised or required by law, or the collection is otherwise allowed under the Privacy Act.

The kinds of personal information we may collect includes:

  • information about you, such as your:
    • name
    • address
    • gender
    • date of birth
    • contact details
  • information about your circumstances, such as your:
    • employment status and history
    • education status
    • financial situation
    • cultural and linguistic background
    • citizenship and visa status
    • health and welfare
    • disabilities
    • family circumstances
  • information about your family and other related persons, such as any:
    • partners
    • children
    • dependants
    • carers
    • nominees or authorised representatives
  • information about your interactions with us, such as:
    • applications and claims you’ve made
    • payments or services we provide you
    • feedback and complaints
    • any other special service arrangements

We may also collect information about you to help us establish and verify your identity and administer records, including:

  • departmental reference numbers
  • Department of Veterans’ Affairs (DVA) file numbers
  • tax file numbers
  • healthcare identifiers
  • biometric information (such as your Voice Biometrics voiceprint)

You can read more about the collection of personal information.

How we collect information

We collect your personal information through a variety of channels. This includes paper forms or notices, search warrants, online portals, correspondence, face to face or over the telephone.

We may also collect your personal information from third parties including other government agencies:

  • as a result of a tip off
  • when undertaking data matching
  • in the course of administering legislation
  • in the lodgement of a complaint
  • in the context of enforcement activities

When your personal information is collected from a third party, we take steps to inform you. This may occur through this Privacy Policy, application forms, notices or discussions with our staff.

Social networking services

We use social networking services such as Facebook, Twitter, Google+, Youtube, Instagram and Yammer to talk with the public and our staff. When you talk with us using these services we may collect your personal information to communicate with you and the public.

The social networking service will also handle your personal information for its own purposes. These services have their own privacy policies. You can access the privacy policies for these services on their websites.

Data matching

Data matching is where we compare income information collected from you with information held by the Australian Taxation Office (ATO). We do this to ensure you are only accessing payments and services you are eligible for.

We prepare Programme Protocols for our data matching programs, in accordance with guidelines issued by the Office of the Australian Information Commissioner (OAIC). Read more about Centrelink program data matching activities.

Why we collect information

We collect personal information about you where it is reasonably necessary for, or directly related to, one or more of our functions or activities.

To deliver payments and services

We may collect your personal information when it is reasonably necessary for delivering payments or services.  For example, we may collect your personal information to:

  • confirm your identity
  • communicate with you, including by SMS or email via our electronic messaging service
  • ensure correct payments are made
  • verify data provided in relation to claims and reviews with third parties
  • investigate fraud, including internal fraud and the assessment of payment eligibility
  • manage complaints and feedback
  • participate in merits and judicial review matters
  • manage and respond to requests for information

The reasons we collect your personal information will depend on the payments and services you access or are seeking. Read more about why we collect your personal information for:

For employment and recruitment

We collect personal information to establish and maintain records for the employment and recruitment of staff. You can read more about the information we collect for Employment purposes.

For market research

We may share your personal information to conduct statistical analysis and market research to improve service delivery. We may engage external companies to conduct this research on our behalf.

Read more about how we use market research, including how to opt out.

To work better across the department

Your personal information may be shared across our Australian Hearing, Centrelink, Child Support and Medicare service areas if you have given your consent or the sharing of your information is authorised or required by law.

Only when required with third parties

We may disclose your information to Australian Government agencies, state and territory agencies and third parties. The disclosure of your personal information will depend on the payments or services to which the information relates.

Read more about who we can share your personal information with.

How we store personal information

We take reasonable steps to protect your personal information against misuse, interference and loss, and from unauthorised access, modification or disclosure. These steps include:

  • storing paper records securely as per Australian government security guidelines
  • only accessing personal information on a need-to-know basis and by authorised personnel
  • monitoring system access which can only be accessed by authenticated credentials
  • ensuring our buildings are secure, and
  • regularly updating and auditing our storage and data security systems

When no longer required, we destroy or archive personal information in a secure manner.

Secrecy

In addition, our staff are bound by secrecy provisions which regulate information we collect for social security, family assistance, health, and child support law. These secrecy provisions restrict the access, use and communication of protected information, including within the department.

How we share information outside Australia

We may disclose your personal information overseas, such as to a foreign government or agency, where:

  • the disclosure is required or authorised by law, or
  • international information sharing arrangements are in place

Under these arrangements we can:

  • collect and disclose information about you where it is requested by an overseas authority, or
  • request information about you from an overseas authority

Read more about the countries which have international information sharing arrangements in place:

How to access and correct information about you

You have the right to:

  • ask for access to personal information that we hold about you, and
  • ask that we correct personal information we hold about you

If you ask, we must give you access to your personal information, and take reasonable steps to correct it if we consider it is incorrect, unless there is a law that allows or requires us not to.

We will notify you in writing, and explain our reasons if we refuse to give you access to, or correct, your personal information.

You can access and correct most of your details online using self service. If you can’t use self service, read more about access to information or contact us.

Updating information about you

It’s important to tell us if your circumstances change to ensure you are only accessing payments and services you are eligible for. You can do this yourself using our self service options.

What we do with your Tax File Number (TFN)

We adhere to the Privacy (Tax File Number) Rule 2015 for the collection, storage, use, disclosure, security and disposal of TFN information.

Specific purposes why we may request your TFN

We may request your TFN to:

  • administer various payments, and
  • comply with legislation referred to in section 8WA(1AA) of the Taxation Administration Act 1953

You do not have to give us your TFN. However, if you don’t provide it, or authorise us to access it from the Australian Taxation Office, there may be financial consequences.

If you give us your TFN, we will only use it where you consent, or where the use is authorised or required by law.

Prohibitions and penalties for unauthorised collection and use of TFN information

Under the Privacy (Tax File Number) Rule 2015 and the Taxation Administration Act 1953 it is an offence if we:

  • require, request or collect TFN information for unauthorised purposes, or
  • record, use or disclose TFN information unless permitted under taxation, personal assistance or superannuation law

A breach of the Privacy (Tax File Number) Rule 2015 is considered an interference with privacy under the Privacy Act. Where a breach of privacy is very serious, the Australian Information Commissioner may seek a civil penalty under the Privacy Act.

A breach of the Taxation Administration Act 1953 may result in maximum penalty of a $21,000 fine (100 penalty units), 2 years imprisonment or both.

There may also be other penalties under taxation, superannuation or personal assistance laws.

If you think your TFN information has been mishandled, you may contact the Office of the Australian Information Commissioner to make a complaint.

Further details about the TFN rules

Read more about the Privacy (Tax File Number) Rule 2015 and the Taxation Administration Act 1953 on the federal register of legislation website.

The OAIC has made the following information available to you to protect your TFN information:

How to make a complaint about privacy

If you wish to complain about how we’ve handled your personal information, first try to resolve the issue with the person you’ve been dealing with. If you are not satisfied, you can ask to speak to their supervisor.

Read more about how to make a complaint or feedback.

How we deal with your complaint

We will always respond to your feedback.

We will use the information from your feedback to investigate and resolve individual issues. We will also use the information to provide feedback to staff or our business areas. Your information will be stored and used to assist us to improve the delivery of our services.

If we do not resolve your complaint to your satisfaction, you can contact the Office of the Australian Information Commissioner (OAIC). The OAIC is independent to us.

Page last updated: 30 October 2017