When can you share personal information in an emergency? Know your responsibilities

We’re all at the mercy of Mother Nature, especially during a Queensland summer. Get Ready Queensland reported that Queensland is the most disaster impacted state in the country, so it makes sense to be prepared and plan ahead before an emergency happens.

Bushfires, floods, cyclones and disease outbreaks can occur without notice. As a member of the Queensland public service, it’s important to know your privacy obligations and when it’s appropriate to share personal information held by your agency (for example with other departments or emergency services).

Understanding the basics of what should and shouldn’t be done with information sharing is critical, especially during emergencies, as it strengthens your agency’s response effort.

Timely exchange of accurate, complete and up-to-date information can protect the vulnerable and help save lives in emergencies.

That’s why the OIC is encouraging Queensland public sector agencies and staff to understand their privacy responsibilities this disaster season:

• Know about the flexibilities in the Information Privacy Act 2009
• Know how to apply them in an emergency event
• Know your agency’s information sharing strategy

The IP Act contains protections and provisions for personal information held by Queensland public sector agencies. And there are also flexibilities built in for emergencies, for example when it comes to secondary use and disclosure, where the health and safety of individuals may be at risk.

Agencies can prepare for privacy and sharing information in an emergency by developing an information sharing strategy. This helps agencies by:

• anticipating the situations that may result in requests for personal information
• establishing policies before an emergency occurs
• supporting staff to respond confidently and quickly to emergencies
• reducing the risk of personal information being handled inappropriately during an emergency
• ensuring agencies are mindful of other legislative provisions that may impact information sharing (i.e. confidentiality provisions).

Being part of the Queensland public sector, there is a responsibility to be prepared and ready to respond in emergency situations. Understanding privacy obligations and flexibilities within the IP Act and understanding your agency’s information sharing strategy can help everyone to respond confidently, accurately and quickly in an emergency.

It also means agencies are in a better position to reduce privacy risks and potential breaches, while also building greater trust with Queenslanders.

Resources to help agencies prepare for privacy

Campaign images

• Web banner 1500 x 500 px (PNG, 160.42 KB)
• Intranet image 1080 x 1080 px (PNG, 197.82 KB)
• Screensaver / desktop image 1920 x 1080 px (PNG, 222.44 KB)
• A4 Poster (PDF, 183.65 KB)

Understand the privacy flexibilities

• Guideline on privacy and managing disaster events
• Privacy flexibility in disaster management - information sharing scenarios

Understand risk

• What is personal information
• Privacy and Public Data Audit Report
• Step-by-step guide to Privacy Impact Assessments

COVID-19

• National COVID-19 Privacy Principles
• Managing privacy in a pandemic guideline
• Privacy and managing disaster events guideline
• Privacy flexibility in disaster management - information sharing scenarios

Need more help?

• Call the OIC Enquiries Service on (07) 3234 7373 or 1800 642 753
• Email the OIC Enquiries Service
• Visit the Queensland Government’s Get Ready campaign
• Visit the Queensland Disaster Management website
• Visit the Bushfires information website (for community and public sector)
• Visit the Floods information website (for community and public sector)