This page contains answers to questions we are asked on a regular basis regarding personal information and recordkeeping. It will be added to as questions arise. These are short and general answers - please contact us for more detailed responses.
Do we breach the State Records Act when we alter personal information from our records?
No, when the alteration is in relation to section 15 of the Privacy and Personal Information Protection Act 1998 (PPIP). This is limited in a number of ways:
- It only covers personal information as defined under the Government Information (Public Access) Act 2009 or GIPA Act and PPIP Act. For example, information contained in records such as recruitment records and referee reports is not considered personal information under section 4(3)(j) of the PPIP Act. For more information on what is defined as personal information, see the Information and Privacy Commission website.
- It only refers to alteration of personal information, not destruction of a whole record or part of a record.
- It only permits the alteration of personal information to ensure that the information is accurate, relevant, up-to-date, complete and not misleading. If none of these apply, then there is no permission to alter the information.
It does not give permission to alter information for other reasons – such as to ensure privacy. Privacy can be protected by restrictions on access, or by ensuring that only relevant information is collected in the first place.
It is important to note that the PPIP Act covers personal information, whereas the State Records Act covers State records (records created by NSW public offices). Personal information may only be a component of a State record.
Can State records that contain personal information be destroyed?
Yes, State records that contain personal information can be destroyed:
- when the records have reached the mandatory minimum retention period as permitted in a current retention and disposal authority. It is recommended that time-expired records containing personal information are routinely destroyed unless there is a business need to retain the records longer (e.g. legal matter)
- if the personal information meets the criteria to destroy under the Normal Administrative Practice (NAP) provisions of the State Records Regulation 2015
- where the retention of information or copies of particularly sensitive personal information, such as driver's licences, credit card details or passports, is not required to meet the recordkeeping requirements of the public office. For example, if the process only requires that an ID is sighted to verify identity, there is no reason to create or retain a copy of the ID.
The decision to delete/remove records should be appropriately documented. Deletion or destruction of records should be done appropriately and in a secure manner.
In some cases it may be appropriate for additional access restrictions to be implemented in response to a privacy request. Public offices should ensure they have adequate controls and access restrictions in place to manage personal information (see NSW Government Information Classification, Handling and Labelling guidelines).
It may also be advisable to review processes and procedures in response to a privacy request, to ensure that only personal information relevant to business use is captured in the future.
Note: this FAQ only relates to the provisions of the State Records Act 1998. Certain types of records (e.g. fingerprints) may be exempt from the State Records Act. For a list of legislation exempt from the State Records Act 1998 see Schedule 1 of the State Records Regulation 2015.
Do we need to retain proof of identity records?
Many public offices need to sight proof of identity or other documents as part of an application process. This could be from members of the public as part of applying for a licence or from members of staff as part of recruitment. These are transitory documents that in most cases need to be sighted but not retained. Retaining copies of identity documents such as driver’s licences, passports, Medicare cards, or Council rate statements within your systems is a security risk. We recommend:
- returning the proof of identity documents without copying them and capturing a record in your system that the identity documents have been sighted
- if you need to copy them for verification purposes or transmission to another public office, dispose of the copies as soon as business use ceases.
This same principle applies to credit card details and medical certificates – if there is no need to retain the originals or copies of the originals once the transaction is completed, they can be returned or securely disposed of.
This advice is not applicable to public offices that have a reason to retain proof of identity documents for purposes such as criminal investigations etc.
We recommend public offices have documented procedures for handling of these types of documents based on a risk assessment. Creating a record that the documents were sighted fulfills the requirements of the State Records Act and your retention and disposal authorities.
Published October 2020/Updated September 2021