Information about the range of access and release of information applicable to agencies, such as data sharing, Freedom of Information (FOI) and legal discovery, through which information can be released, accessed and shared.
Knowing the relevant access and release schemes that apply will ensure access is provided to information where appropriate or authorised.
Relationship to the Information Management Standard
Knowing the relevant access and release schemes (schemes) that apply to your agency will ensure it provides access to information where it is appropriate to do so or where authorised (Behaviour 5.7). This should be reflected in the Information Management Plan (Plan), policies and procedures.
Release of information outside of the schemes, wherever possible, is encouraged through proactive disclosure (Behaviour 5.8).
Access and releasing of information
Access and release of information can be done through a range of schemes, such as data sharing, Freedom of Information (FOI) and legal discovery.
Such schemes can be used by:
- members of the public to access certain types of government information
- government agencies to share information with each other.
Each scheme has a different purpose and method of access or release.
The schemes can be used to facilitate the flow of information within government (Public Sector (Data Sharing) Act 2016 (Data Sharing Act)) or to the public (Government directives). They can also be legislative (Freedom of Information Act 1991 (FOI Act ) or policy based (administrative release).
To develop the Information Management Program (Program) and Plan , all relevant schemes that are applicable to your agency need to be identified. This can be done as part of the business and regulatory analysis.
This will determine the access and release policies and procedures that may be needed (Behaviour 5.7). For example, the process to follow when dealing with an FOI application is mandated by the FOI Act, whereas the process for administrative release is determined internally by your agency.
Common requirements for accessing information
To provide responsible and open access to information to the public or other government agencies your agency needs to know:
- any privacy, security or confidentiality constraints attached to the information sought
- the systems (physical or digital) that are holding the information assets and any security classifications or other access restrictions that have been applied
- any third-party property rights, such as copyright
- that the information is accessible and available for release.
Other considerations include how and when to release the information and in what format.
The applicable schemes for your agency are determined by the regulatory and operational environment in which your agency operates.
Some of the more common access and release schemes are listed below .
Relevant access schemes
Open data
Open data is the release and re-use of non-sensitive public sector data to the public. Government data sets are made freely available online. It is important when your agency is releasing open data that it uses established and existing definitions of information where possible (Behaviour 4.4).
Under the Government’s Open Data Framework state government agencies can publish open data proactively or on request from another government agency.
For further information refer to the Open Data Toolkit and Open Data Process Guide available from the Department of the Premier and Cabinet’s website .
Freedom of information
Under the FOI Act members of the public and Members of Parliament have a legally enforceable right to:
- be given access to government information, subject to any exemptions in Schedule 1 of the FOI Act
- amend their own personal information held by a government agency that is incorrect, incomplete, out-of-date or misleading.
The purpose of the FOI Act is to:
- promote openness in government and the accountability of Ministers of the Crown and other government agencies
- facilitate more effective participation by members of the public in the processes involved in the making and administration of laws and policies.
If your agency is subject to the FOI Act, having an up-to-date asset register will assist in the quick identification of information asset sources and locations that will need to be searched when progressing FOI applications.
All FOI applications must be:
- processed in accordance with the FOI Act by trained and designated Accredited FOI officers
- captured and managed within your agency’s records management system. The original information asset must be retained in your agency’s records management systems. The copies (including any redactions) provided to the FOI applicant should be saved in the relevant FOI case file.
FOI should be used as a last resort. Proactive disclosure or release through administrative schemes, where appropriate, is the preferred approach.
More information on FOI policy and training is avaialbe on our FOI Guidelines and Resources page.
Relevant release schemes
Administrative release
Administrative release of information can be done proactively or in response to a request (Behaviour 5.8).
This is separate from information required to be released under legislation such as FOI, or for inspection as a public register, or other documents under agency-specific legislation. It does not include information specifically published for public dissemination such as publications.
To ensure consistency in decisions about, and processes for, the administrative release of information, a public access policy and / or procedure should be developed and published online by your agency.
For more information on administrative release refer to the Administrative Release of Information Guideline.
Government directives on release of information – applicable to State Government Agencies
There are several government policies that require state government agencies to proactively disclose information to the public by online publication. Examples include the following Department of the Premier and Cabinet Circulars :
- PC031 Disclosure of Cabinet Documents 10 Years or Older: allows a Cabinet document, over ten years but under 20, to be proactively disclosed to the public (subject to certain conditions)
- PC035 Proactive Disclosure of Regularly Requested Information: agencies are required to release information that relates to various aspects of government expenditure, unless claimed exempt under FOI
- PC045 Disclosure Logs for Non-personal Information Released through Freedom of Information: agencies are required to make non-personal information and documents available that have already been released under FOI.
Data Sharing Act
Under the Data Sharing Act, agencies can make information available to other public sector agencies or non-government organisations:
- for specific purposes
- subject to certain criteria and
- under specified protections (such as protocols around personal information).
This is done through data sharing agreements which outline how both parties will fulfil the legislated requirements.
The agency providing the information to another agency or organisation remains responsible for administering any other request by the public for that information.
Agencies can meet the requirements under the Data Sharing Act by implementing a comprehensive Program ensuring your agency has appropriate security and access controls in place.
Information Sharing Guidelines
The Information Sharing Guidelines provide the steps to be taken when sharing information relating to vulnerable people which might otherwise be subject to privacy restrictions.
Agencies that have interactions with vulnerable people should have a procedure which explains how to implement the Information Sharing Guidelines .
For more information on the Information Sharing Guidelines refer to the Department of the Premier and Cabinet’s website.
Information sharing required by law
There are situations required by law where information must be shared irrespective of consent being given or not. For example, mandatory notifications under the Children and Young People (Safety) Act 2017 or disclosures in the interests of public safety under the Correctional Service Act 1982.
Legal discovery is another process which requires mandatory production of documents for inspection as evidence relevant to the case under scrutiny. This could be a civil litigation matter or a commission of inquiry.
Public access to archives
When permanent value physical information assets are transferred to the State Records Archive, SR Act requires your agency to, in consultation with the Director of State Records determine:
- that public access to the information asset is not subject to any restrictions, or
- conditions excluding or restricting public access to the information asset.
Often these determinations indicate that public access is restricted for a specified period, and open once their sensitivity had diminished.
State Records provides access to information assets that have been transferred to the Archive and are deemed open under an authorised access determination .
Where a request for access to a ‘closed’ information asset is received, your agency can either:
- provide the information broadly through proactive disclosure
- authorise State Records to provide access to the specific individual under certain conditions or
- require the requestor to make a request under the FOI Act as a last option.
State Records will contact your agency if it considers that sensitive information is not adequately protected, prompting a review of the access determination.
It is recommended that information assets of a non-personal and / or non-sensitive nature be open to public access on transfer to State Records.
In making a determination to restrict public access to your agency’s information assets in State Records custody, it’s important to consider:
- the encouragement in the SR Act in favour of ready public access to information assets
- the protection of personal information, confidentiality or cultural sensitivity
- the continuing information security needs
- ongoing commercial confidentiality requirements
- legislative requirements.
State Records may impose additional restrictions based on the condition of fragile physical information assets.
Access to government owned information assets held by third parties
An obligation to access, or provide access to, information assets still exists where your agency has engaged a third party to provide:
- business services on its behalf that create or use information, or
- a service to manage information assets (such as the electronic or physical storage of your agency’s information assets through an approved service provider or cloud service).
Any contract entered into with a third party provider that results in distributed management or storage of information assets must include conditions that ensure your agency can still access those information assets for a relevant purpose. This includes access required under the FOI Act, for legal discovery and any other administrative or legislated access requirements.
Further, it must include terms which address how information assets are to be returned to your agency upon completion or termination of the contract. They should seek to ensure:
- the information remains accessible and in a useable format
- in the case of digital information assets, they are transferred or migrated to a compliant system within your agency, and
- they are not retained by the third party any longer than necessary to perform the contracted services.
Transfer of permanent value information assets to the custody of State Records must be done in accordance with the SR Act and Transfer Standard.