File 34Security at the Data Linkage Branch

The DLB maintains strict security processes at the DOHWADepartment of Health Western Australia offices in East Perth. The following measures are undertaken:

Physical Security

  • The DLB is located on a restricted access floor at the DOHWA offices. Access to this floor requires a security pass which are only provided with the approval of the DLB Program Manager.
  • All visitors to the DLB must obtain a photo security pass from the DOHWA security desk and sign in and out of the secure floor. Visitors are accompanied by a DLB staff member at all times.
  • The DLB servers are stored in a locked server room, accessible only to DLB Systems Support staff and a limited number of DOHWA IT staff and IT Contractors.
  • The Client Services Team is located on a separate part of the floor to the Linkage area.
  • Data provided for linkage is stored in a locked filing cabinet in the linkage area accessible only to linkage staff.
  • Research extracts that are ready for collection by researchers are stored in a safe in the Client Services area. The code for the safe is known only to the Client Services Project Manager and Project Officer.

Technological Security

  • DOHWA provides technological security via a firewall and login protocols. Passwords to login to computers are changed every three months.
  • Network access is granted only with the approval of the DLB Program Manager and access to the DLB servers is restricted to the local network (i.e. no access outside the DLB computers at the DOHWA office). Client Services staff and analysts do not have access to the servers on which identifiableWhere the identity of an individual can be reasonably ascertained, e.g. name, address, full date of birth. data is stored.
  • Access to DLB servers is granted by login and password.
  • All DLB staff must lock their computers when away from their desk for any period of time. DLB linkage staff must minimize their windows when a non-DLB staff member or visitor is present to avoid identifiable data being on display.
  • No identifiable information is stored on the hard drives of the DLB computers.
  • All computers have automatic screen locking after 10 minutes of inactivity.
  • Data provided for new linkage projects must be encrypted and hand delivered to a DLB staff member or sent via courier.
  • Research data will be encrypted and will be delivered by secure means. The password will be emailed separately to a member of the research team.

Security for Researchers

All applications for linked data must include a detailed security plan. The plan should adhere to the DOHWA Practice Code for the Use of Personal Health Information and address both technological and physical security. This plan is reviewed closely by the DOHWA Data Managers at the Expression of Interest stage, and the DOHWA HRECDepartment of Health Western Australia Human Research Ethics Committee if applicable to the project.