5. General matters relating to information handling
5.1 What is protected information?
Protected information is defined in the NDIS Act to mean:
- information about a person that is, or was, held in the records of the NDIA; or
- information to the effect that there is no information about a person held in the records of the NDIA (section 9).
Given that the definition of protected information extends to information that 'is, or was' held in the records of the NDIA, protected information retains its secrecy after it is disclosed to a person outside the NDIA.
5.2 What is personal information?
Personal information is defined in section 6 of the Privacy Act to mean information or an opinion about an identified individual, or an individual who is reasonably identifiable:
- whether the information or opinion is true or not; and
- whether the information or opinion is recorded in a material form or not.
In a practical sense, personal information is anything that can reasonably identify a person. Examples may include the person's name, address, date of birth, information about their illnesses and disability.
5.3 What is sensitive information?
The Australian Privacy Principles (APPs ) use the term sensitive information which can include information or an opinion about an individual's political opinions, religious beliefs, criminal record, sexual orientation and health information.
See also Privacy for further information on the APPs.