Go to whole of WA Government Search
Data linkage security

Data linkage security

Strict security processes are adhered to at the Department of Health.

Data linkage is reliant on the use of personal information. As a result, support for data linkage in the community is contingent upon the protection of personal information and the confidence in those protection measures. Data linkage security is strictly adhered to in order to ensure that information does not result in outcomes against the interests of the individual or their community.

Physical security

The Department of Health employs a layered security approach. Access is gained after passing through levels of increasing restriction. 

The location of the Data Linkage Service unit is protected by the use of access control systems, with entry restricted to prevent unauthorised access. Additionally, the Data Linkage and Data Engineering Outputs teams are located in separated areas.

Access to this area is on a strictly need-to-access basis, requires separately authorised permission on the access control card, and is monitored and audited.

Technological security

Incoming and outgoing data

  • Data transfer through secure encrypted portals.
  • Linkage keys encrypted.
  • Data passes through quality assurance checks before release.
  • The local intranet is protected from intrusion by layers of network security and monitoring.

Server security

  • Data subject to regular secure (encrypted) back up, with storage at a secure off-site facility.
  • Servers and databases regularly patched.
  • Servers protected from intrusion within the local intranet by an additional layer of monitored firewalling.

Access

  • Data stored on secure servers with strict, needs-based access restrictions.
  • Personal computers monitored by a corporate virus and malware checking system and employ an automatic locking protocol.
  • Login passwords are changed regularly and subject to multi-factor authentication.

Security for data applicants

All applications for linked data must include a detailed security plan, in addition to the physical and technological security protocols followed by Department of Health staff members. This plan is reviewed closely by data custodians and the Research Governance Office as part of the data request process.

For more information on mitigating risks for misuse, interference, loss and unauthorised access, refer to the Information Access Use and Disclosure Policy Resource Compendium.  

wa.gov.au