Australian Government Data Exchange (DEX) Consent

What is consent to collect personal information and store it on the Data Exchange?

The Data Exchange is a reporting platform operated by the Department of Social Services (DSS). DSS must comply with its obligations under the Privacy Act 1988 when collecting personal information from clients. All organisations are required to obtain client consent on behalf of DSS before storing personal information in the Data Exchange. In the Data Exchange, personal information includes the client’s first name, last name and street-level address details. When consent is not given, the client’s personal information is not stored in the Data Exchange. In these cases, organisations can only see demographic data and will need to keep a record of the client ID to be able to update the client’s record for future sessions. Protecting each client’s personal information has been, and continues to be, a fundamental design principle of the Data Exchange. Data collected through the Data Exchange is de-identified, meaning that DSS will not see a client’s personal information even when they consent to their data being stored on the Data Exchange. This de-identified data is used for policy development; grants program administration, research and evaluation purposes.

What is consent to participate in follow-up research?

Funding agencies and third parties (such as universities) are interested in commissioning future research to better understand client needs and find opportunities to improve service delivery. Obtaining client consent to participate in research will create an indicative pool of willing participants for future research projects. The specific details about commissioning and administering client research is likely to vary depending on the nature of the planned evaluation. Basic steps are: • Organisations must ask clients if they are open to participating in future client research. This consent forms part of the priority requirements. • Any research conducted will be approved by a recognised ethics committee. • Researchers will communicate with organisations before any research activities start. • Organisations and researchers commit to clear and simple communications to help clients understand why research is important and what it means to participate. • Clients can withdraw their consent at any time.

More information:

There are a number of communication materials on the Data Exchange website that discuss privacy and consent:

  • A factsheet on how privacy is protected in the Data Exchange, to help organisations discuss privacy with their clients.
  • The Data Exchange Protocols outlines organisations’ privacy obligations and consent procedures.
  • The Privacy Impact Assessment confirms the Data Exchange is operating in line with the Privacy Act and has been released in the interests of transparency and accountability.
  • For system support, contact the Data Exchange helpdesk by email at dssdataexchange.helpdesk@dss.gov.au, or on 1800 020 283.