The Guides to Social Policy Law is a collection of publications designed to assist decision makers administering social policy law. The information contained in this publication is intended only as a guide to relevant legislation/policy. The information is accurate as at the date listed at the bottom of the page, but may be subject to change. To discuss individual circumstances please contact Services Australia.

6.1 Protected information


The National Redress Scheme collects sensitive information from people applying to the Scheme and from participating institutions. The Scheme places paramount importance on ensuring applicants' privacy and engaging with institutions in good faith.

Broadly speaking, protected information is any information about a person or institution obtained by the Scheme for the purposes of the Scheme and that is, or was, held in the Scheme's records. Protected information includes:

  • a person's application for redress
  • a person's offer for redress
  • a response from a participating institution to a request for information.

If the Scheme does not hold information about a person or institution this fact in itself is protected information under legislation.

Main authorisations

Protected information can only be obtained, recorded, disclosed or used by a person where authorised, and only then within the limits defined under the law.

A person is authorised to obtain, make a record of, disclose or use protected information:

  • if it is for the purposes of the scheme
  • if the person believes on reasonable grounds that it is necessary to prevent or lessen a serious threat to an individual's life, health or safety
  • if there is expressed or implied consent of the person or institution to which the information relates, or
  • to produce information in an aggregated form that does not disclose, either directly or indirectly, information about a person or institution.

A person is authorised to handle protected information for the purposes of the Scheme if there is a sufficient connection between the person obtaining, recording, disclosing or using the information and the administration of the NRSAct or Scheme. For example, an officer of the Scheme would be authorised to obtain protected information through a person's application form, and obtain protected information from an institution through a request for information.

Protected information can also be used by the Scheme for reporting purposes, so long as this information does not identify a specific person or institution. This means the Scheme can use protected information to identify and report on aggregated data such as patterns and trends in the Scheme's operation. For example, the Scheme will use aggregated protected information to prepare an annual report about the Scheme to be tabled in Parliament.

Act reference: NRSAct section 92 Protected information, section 93 Main authorisation-obtaining, recording, disclosing or using protected information

Last reviewed: