Skip to main content
Skip to secondary navigation
Menu
Australian Government - Office of the Australian Information Commissioner - Home

Inquiry into donor conception in Australia; Submission to Senate Legal and Constitutional Committee (September 2010)

Office of the Privacy Commissioner 

Inquiry into donor conception in Australia

1. The Office of the Privacy Commissioner (the Office) notes that the terms of reference for the Senate Legal and Constitutional Committee's (the Committee) Inquiry into donor conception in Australia (the Inquiry) include as a matter for consideration:

'[t]he past and present practices of donor conception in Australia, with particular reference to: ...the conduct of clinic and medical services, including ... management of data relating to donor conception' [emphasis added].

2. The Office provides the comments set out below to assist the Committee in considering the application of the Privacy Act 1988 (Cth) (the Privacy Act) in relation to the Inquiry.

About the Office and the Privacy Act 1988

3. The Privacy Act regulates the way in which the 'personal information' of individuals is handled by Australian and ACT Government agencies, all large private sector organisations, some small businesses, and all private health service providers.

4. The Privacy Act sets out:

a. the Information Privacy Principles (the IPPs), which apply to Australian Government agencies (agencies) (Privacy Act, s14)

b. the National Privacy Principles (the NPPs), which apply to certain private sector organisations (organisations) including all private health service providers (Privacy Act, Schedule 3).

5. The Office is an independent statutory body established under the Privacy Act whose purpose is to promote and protect privacy in Australia. The Office is also the national regulator in respect of the IPPs and NPPs.

6. On 1 November 2010, the Office of the Privacy Commissioner will be integrated into a new statutory agency, the Office of the Australian Information Commissioner (the OAIC). The OAIC will bring together the three functions of privacy protection, the promotion of open government and the provision of advice to the Government on information policy generally to assist the development of a consistent workable information policy across all Australian Government agencies.

7. The Government has announced its intention to enact a new set of Australian Privacy Principles (the APPs).[1] The APPs, which are currently in draft form, comprise a single set of principles that will regulate the handling of personal information by both agencies and organisations[2], and are intended to replace the IPPs and NPPs. The OAIC will be the national privacy regulator of the APPs.

Application of the Privacy Act

8. The Office considers that the terms of reference for the Inquiry raise a number of issues with respect to the obligations imposed by the Privacy Act on clinics and medical service providers that handle the information of gamete donors (donor organisations).

9. The Privacy Act applies to all aspects of the handling and management of 'personal information', that is, information or opinion, whether true or not, about an individual whose identity is apparent, or can be reasonably ascertained from the information or opinion (Privacy Act, s6). Accordingly, the Privacy Act applies to the collection, storage, use, and disclosure of the 'personal information' of gamete donors (donors) by donor organisations.

Collection - 'health information' and 'sensitive information'

10. In the context of donor conception, the 'personal information' of a donor may include 'health information' (Privacy Act, s6), that is:

  • a. information or opinion about the health (at any time) of an individual that is also 'personal', i.e., can be linked to the identity of the person to whom it relates, or
  • b. other 'personal information' collected to provide, or in providing, a health service (for example, services for the purpose of or related to donor conception), or
  • c. other 'personal information' of an individual collected in connection with a gamete donation, or intended donation, made by the individual, or
  • d. genetic information in a form that is or could be predictive of the health of that individual or a genetic relative of that individual.

11. 'Health information' is also 'sensitive information' within the meaning of the Privacy Act (Privacy Act, s6).

12. NPP 10 imposes additional restrictions on the collection of 'sensitive information' by organisations. Specifically, NPP 10 provides that an organisation must not collect 'sensitive information' about an individual unless a relevant exception applies. Those exceptions include (but are not limited to):

  • a. where the individual to whom the information relates has consented to the collection (NPP 10.1(a))
  • b. where the collection is required by law (NPP 10.1(b)).

13. The other exemptions to general prohibition of the collection of 'sensitive information' established by NPP 10 are not strictly relevant to the Inquiry. Further information on the operation of NPP 10 may be found at www.privacy.gov.au/materials/types/download/8774/6582 at pages 33-34.

14. In the context of donor conception, the Office understands that it is industry practice that the 'sensitive information' of donors is collected with the express consent of donors.

Disclosure

15. The Privacy Act expressly limits the circumstances in which the 'personal information' held by donor organisations, such as the 'health information' of donors and the genetic offspring of donors (offspring), can be disclosed. 'Personal information' may be disclosed for the primary purpose for which it was collected, or for permitted secondary purposes where an exception in NPP 2 applies.

16. The limits on the purpose for which personal information may be disclosed will be especially relevant where, for example:

  • a. offspring seek access to information about their genetic history and their donor
  • b. offspring seek access to information about their genetic siblings
  • c. donors seek access to information about their genetic offspring.

Exception: disclosure with informed consent

17. The Privacy Act permits the disclosure of 'health information' (including genetic information) where prior consent to the disclosure has been given by the individual to whom that information relates (for example, where a donor has given consent for their identity to be disclosed to their genetic offspring) (NPP 2.1(b)).

18. The Office is of the view that, to be valid, consent must be fully informed and freely given.

19. However, where no valid consent has been given, NPP 2 may prevent the disclosure of 'personal information' unless a relevant exception applies.

20. The exceptions relevant to 'personal information' that may be collected in connection with donor conception are discussed below.

Exception: threats to life, health, safety or public health

21. The disclosure of 'personal information' of donors (including health and genetic information) may be permissible under the Privacy Act where the organisation seeking to make the disclosure reasonably believes that the disclosure is necessary to lessen or prevent:

  • a. a serious and imminent threat to an individual's life, health or safety, or
  • b. a serious threat to public health or safety (NPP 2.1(e)).

Exception: disclosure for research purposes

22. If the 'personal information' proposed to be disclosed is 'health information', disclosure may be permissible where all of the following are satisfied:

  • a. the disclosure is necessary for research, or the compilation and analysis of statistics, relevant to public health or safety
  • b. it is impractical for the organisation seeking to disclose the 'health information' to seek consent from the individual to whom that information relates prior to making the disclosure
  • c. the disclosure is conducted in accordance with the guidelines drafted by the National Health and Medical Research Council (NHMRC)[3] and approved by the Privacy Commissioner under s95A of the Privacy Act (s95A Guidelines)
  • d. the organisation reasonably believes that the recipient of the information will not disclose the information, or personal information derived from it (NPP 2.1(d)).

23. The s95A Guidelines provide a framework for organisations involved in conducting research, the compilation or analysis of statistics, or health service management to weigh the public interest in the use of the health information for specific purposes. Further information on the operation of the s95A Guidelines is available at www.privacy.gov.au/materials/types/download/8757/6568.

Exception - 'genetic information'

24. If the 'personal information' proposed to be disclosed is 'genetic information', disclosure may be permissible under the Privacy Act if all of the following are satisfied:

  • a. the organisation proposing to make the disclosure reasonably believes that the disclosure is necessary to lessen or prevent a serious threat to the life, health or safety of an individual who is a genetic relative of the individual to whom the information relates
  • b. the disclosure is conducted in accordance with the guidelines drafted by the NHMRC and approved by the Privacy Commissioner under s95AA of the Privacy Act[4] (s95AA Guidelines)
  • c. the recipient of the information to be disclosed is a genetic relative of the individual to whom the information relates (NPP 2.1(ea)).

25. The s95AA Guidelines outline the circumstances in which genetic information may be used or disclosed without prior consent, i.e., where such disclosure is necessary to lessen or prevent a serious threat to the life, health or safety of an individual. Further information on the operation of the Guidelines is available at www.privacy.gov.au/law/act/genetic.

A right to access donor information and the establishment of a national register

26. The Office understands that several submissions have been made to the Committee in support of:

  • a. a legal right for donor offspring to be given access to information about their donor, and their genetic siblings
  • b. a national register of donor information to facilitate that right, and to protect and preserve donor information.[5]

Exception to prohibition of disclosure: 'required or authorised by law'

27. The Office notes that the disclosure of 'personal information', including health or genetic information, is permitted by NPP 2 if required or authorised by or under law (NPP 2.1(g)). A similar exception applies to disclosures made by agencies (IPP 11.1(d)).

Obligation to provide adequate data security

28. In the view of the Office, the centralisation of data in a national registry can create additional privacy risks. Generally speaking, centralised databases of 'personal information' can be tempting to hackers and organised crime (e.g., as material for potential identity theft). Further, the administrators of centralised data repositories are sometimes subjected to pressure to use, or allow the use of, the repository for purposes that are unrelated to the reason it was established ('function creep'). Such uses may go beyond public expectations (for example, by facilitating the sharing of personal information between disparate public and private sources, including by data-matching and data-linking).

29. NPP 4 imposes an obligation on organisations to take reasonable steps to protect the personal information that they hold from misuse and loss, and from unauthorised access, modification and disclosure. IPP 4 imposes a similar obligation on agencies. Accordingly, any organisation or agency administering a national register would be obliged to put in place appropriate data security measures.

30. If the Committee considers that the establishment of a national register of donor information would be appropriate, the Office suggests that it will be important to consider:

  • a. the kinds of security arrangements that should be implemented to protect the information held on the register from misuse, loss and unauthorised access
  • b. measures to prevent 'function creep'.

Privacy Impact Assessment

31. The Office recommends the use of Privacy Impact Assessments (PIAs) by organisations and agencies to ensure that privacy is built into new initiatives. A PIA is an assessment tool that describes in detail the personal information flows in a project, and analyses the possible privacy impacts of the project.

32. The elements that make up a PIA (including identification, analysis and management of privacy risks) help organisations and agencies to develop and implement good privacy practice and underpin good public policy. PIAs also help to engender community trust in new projects if the issues raised during the PIA are adequately addressed during the development of the project.

33. Generally, a PIA should:

  • a. describe the personal information flows in a project
  • b. analyse the possible privacy impacts of those flows
  • c. assess the impact the project as a whole may have on the privacy of individuals
  • d. explain how those impacts will be eliminated or minimised.

34. For large projects, conducting a PIA may be an iterative process, with a number of PIAs carried out at various stages of development or as the project design evolves. In many cases, it can be useful for PIAs to be conducted by an independent expert specialising in privacy issues and the conduct of PIAs. There are many organisations equipped to undertake such a role.[6]

35. In addition, the Office has recently released a new version of its PIA guide. The guide caters to the needs of both organisations and agencies.[7]

36. If the Committee considers that the establishment of a national register of donor information would be appropriate, the Office suggests that the Committee also recommend that a PIA be carried out as part of the establishment process.

37. The Office would appreciate being kept informed of the progress of the Inquiry. Should the Committee require any further assistance in considering the application of the Privacy Act to the handling and management of data relating to donor conception, please contact Ms Angelene Falk, Director, Policy on
(02) 9284 9651 or at angelene.falk@privacy.gov.au.


[1] See Enhancing National Privacy Protection, Australian Government First Stage Response to the Australian Law Reform Commission Report 108 (2009), http://www.dpmc.gov.au/privacy/alrc_docs/stage1_aus_govt_response.pdf; and Australian Privacy Principles - exposure draft, www.aph.gov.au/Senate/committee/fapa_ctte/priv_exp_drafts/guide/exposure_draft.pdf
The exposure draft of the Australian Privacy Principles (APPs) has been referred to the Senate Finance and Public Administration Committee for inquiry and report by 1 July 2011.

[2] The exposure draft APPs apply to 'entities'. Section 15 of the exposure draft defines an entity as 'an agency or organisation'.

[3] http://www.nhmrc.gov.au/_files_nhmrc/file/publications/synopses/e43.pdf

[4] http://www.nhmrc.gov.au/_files_nhmrc/file/publications/synopses/e96.pdf

[5] See, e.g., submission 122, Submission of the Donor Conception Support Group of Australia Inc., (2010), p 137.

[6] See, for example: http://www.privacy.gov.au/aboutprivacy/helpme/psp. The Office advises that the privacy service providers listed at the link are not endorsed by the Office. 

[7] Office of the Privacy Commissioner, Privacy Impact Assessment Guide (2010), http://thehub/records/Documents/2010-09/www.privacy.gov.au/materials/types/download/9509/6590.