Sharing government data is a priority
The Western Australian government holds highly valuable data and has a responsibility to use it for public benefit. While it is essential to protect government data from misuse, loss and unauthorised access, a failure to use and share data can create real risks for individuals and communities. It can also limit the government’s ability to deliver effective policies and services.
Responsible data sharing is a government priority. Public entities are expected to share data within government and beyond, where it is lawful and appropriate.
Ways to share data
WA Government data can be shared through a range of pathways, including routine business operations, under existing legislation or using formal agreements such as memoranda of understanding or contracts.
In addition to these pathways, the Privacy and Responsible Information Sharing Act 2024 (PRIS Act) provides an authorising framework to share information where there is a clear public benefit. This does not restrict or replace current lawful sharing arrangements and it does not introduce new requirements to formalise data sharing within or between agencies and their stakeholders.
How does data sharing work under the PRIS Act?
The PRIS Act includes responsible information sharing provisions that enable public entities to share data within government and with trusted external entities for permitted purposes.
What public and external entities are
Public entities include WA Government agencies, councils and WA public universities. External entities include medical researchers, Aboriginal community controlled organisations, community service providers, Australian universities (interstate and private universities) and other jurisdictions.
Permitted purposes include:
- emergency management activities
- developing or implementing government policy
- designing, managing, delivering or evaluating government programs and services
- supporting research and development with clear and direct public benefits
Some types of data are exempt from sharing under the PRIS Act. These exemptions reflect the sensitivity of the data and the risks associated with sharing. Examples of exempt information include certain child protection and public interest disclosure records, information that could identify complainants or protected sources, national security information and information linked to law enforcement investigations.
What are the steps to share data under the PRIS Act?
Refer to the RIS Toolkit for more information on the steps below.
Step 1: Request
One party makes a written request
A public entity or external entity makes an information sharing request in writing. The request identifies a permitted purpose, describes the project and the type of data being requested.
Step 2: Respond
The other party responds to the request
They consider the request and identify the best pathway to for sharing the data:
- through established arrangements, or
- under the PRIS Act, or
- refusing to share and explaining why.
Step 3: Assess
The parties conduct three assessments
The parties conduct assessments and identify safeguards to manage any risks to:
- personal information and privacy impact
- sensitive Aboriginal information and community impact
- responsible information sharing.
Step 4: Agree
The parties develop an information sharing agreement
The agreement must be registered with the Chief Data Officer. It sets out:
- permitted purposes under the PRIS Act
- agreed safeguards and controls
- data handling and access conditions
- how to manage an information breach.
Step 5: Share
The data is shared and the agreement is maintained
The provider shares the data with the recipient in accordance with the information sharing agreement. The agreement can be amended or updated at any time. The Chief Data Officer must be notified of any changes.
Support
The Chief Data Officer at the Office of Digital Government supports public entities to share data and information responsibly.
For advice or assistance, please contact the Data Governance team at data.sharing@dpc.wa.gov.au.
Print this page
