Our website uses cookies to give you the best experience and for us to analyse our site usage. If you continue to use our site, we will take it you are OK about this. Click on More for information about the cookies on our site and what you can do to opt out.

We respect your Do Not Track preference.

Privacy for agencies

Information sharing and information matching are two separate frameworks in the Privacy Act.

The information sharing framework provides for the authorisation and oversight of Approved Information Sharing Agreements (AISAs).  The information matching framework provides a detailed set of rules dealing with the supervision and operation of authorised information matching programmes.

Approved information sharing agreements

AISAs enable personal information to be shared between (or within) organisations for the purpose of delivering public services.  Information sharing agreements are approved by Order in Council.  To read the information sharing provisions (Part 9A) in the Privacy Act, click here.

AISAs enable government agencies to collaborate and share data without intruding on individuals' rights or creating legal risk. 'An A to Z of AISAs' teaches you what an AISA is, how to build a case for one, how to develop one and how to get one approved.  Have a go at our new online AISA module.

The lead agency for the AISA must publish a copy of the agreement online, and must report on activity as specified by the Privacy Commissioner. 

The Privacy Commissioner may publish a report about an AISA or the consultation process relating to that agreement. The Privacy Commissioner may also conduct a review of the operation of an AISA.  View the reports.

Information Matching 

The Privacy Commissioner has a regulatory role to monitor the use of data matching by government departments. 'Data matching' and 'information matching' are two terms for the same process. The Privacy Act uses the term 'information matching'. Information matching programmes are approved by statute.  Part 10 and Schedule 4 of the Privacy Act 1993 govern information matching. To read these provisions in the Privacy Act, click here.

Overview : An introduction to information (data) matching.

Operating an information matching programme : How to set up online transfers for information matching

Operating programmes : Detailed descriptions and annual reports of the results of all operating authorized information matches.

Preparing for a new information matching programme

Guidance note for departments seeking legislative provision for information matching: information matching Privacy Impact Assessments

Privacy Commissioner's views on the information matching guidelines

Information Matching Bulletins : This was an occasional series with news about information matching.  Old versions can be viewed here. Any news is now published via our e-newsletter and our blog posts.  

Information Matching Reports and Reviews : The Commissioner's comments on proposed legislation authorizing information matches, and other reports on information matching programmes.

Information Matching Audit : Audit of operating programmes is one approach used to monitor information matching activity.