Documents Relating to the Sharing of DVA Client Information
Dear FOI Officer,
I am making this request for access to documents under the Freedom of Information Act 1982 (Cth).
I seek access to any and all documents, records, data, and supporting material held by [Name of Agency] concerning the sharing of personal information originating from the Department of Veterans’ Affairs (DVA) over the last ten years. This includes any data transfers from or to the DVA, whether they were one-off exchanges or ongoing, systematic transfers of DVA client information, including personal, medical, financial, or service-related details concerning veterans or their dependents.
I am interested in obtaining a comprehensive understanding of what DVA client information [Authority name] has received or accessed and for what purposes. Specifically, I request:
All records of data sharing arrangements between DVA and [Authority name], including but not limited to memoranda of understanding, service-level agreements, emails, letters, meeting minutes, file transfer logs, internal reports, and instructions that outline what data was shared, when it was shared, and the format or system used for the transfer.
Any policies, procedures, guidelines, or frameworks that govern how [Authority name] requests, obtains, stores, handles, or uses DVA client information. This includes documents that detail the criteria for approving access to such data, any consent or authorization processes, security controls, and retention or destruction policies.
Copies of any ethics committee approvals, privacy impact assessments, internal review board decisions, or other documents that reflect deliberations or authorizations for obtaining DVA client information. This includes records that show the agency considered the ethical, legal, or privacy implications of receiving or using DVA client data.
Documents that outline the intended uses or practical applications of the DVA client data, such as project proposals, business cases, internal strategy papers, or briefings that explain why [Authority name] sought access to this information, how it was intended to be integrated into the agency’s operations, and any expected outcomes or benefits.
A representative sample (in a suitably de-identified or redacted form) of the data or data fields received, so long as providing this sample does not breach any exemption under the FOI Act. The purpose is to understand the nature and granularity of the information shared, without disclosing identifiable personal details.
If the only data [Authority name] received pertains solely to data linked to the Centrelink Confirmation eServices (CCeS) arrangements as described at https://www.servicesaustralia.gov.au/cen..., and there were no other forms of DVA data shared, then no CCeS-related data needs to be provided under this request.
I emphasize that I am not authorizing the transfer of this FOI request to the Department of Veterans’ Affairs or any other agency. If [Authority name] holds the requested information, it should provide it directly. If there are parts of this request that [Name of Agency] does not understand or believes are not held, I invite you to contact me to clarify or refine the scope under section 24AB of the FOI Act, rather than initiating a transfer. However, I do not consent to the transfer of this request to another entity. The FOI Act places the onus on agencies to process requests for documents they hold, and I expect [Authority name] to meet its responsibilities in this regard.
I note that the statutory timeframe for processing FOI requests is 30 days from the date of receipt. I do not consent to any extension of time due to internal reduced activity periods, holiday stand-down periods, or other internal operational issues. If [Authority name] considers that it cannot meet the 30-day timeframe, it may seek an extension from the Office of the Australian Information Commissioner as provided under section 15AB of the FOI Act. I request to be notified if such an application is made.
If you consider any part of this request too broad or complex, please contact me promptly to discuss refining its scope. I remain willing to consider adjustments that will assist efficient processing, provided that they occur within the statutory timeframe and do not undermine the substance of what I am seeking.
I believe that disclosure of these documents is in the public interest, as it promotes transparency and accountability in how government agencies access and use sensitive personal information about veterans. Should you consider charges applicable, I request that you exercise your discretion to reduce or waive them, given the importance of the matter and its alignment with the principles of open government and public accountability.
I look forward to receiving your acknowledgment and decision within the statutory timeframe. Please contact me at the details below if you require further clarification.
Yours sincerely,
Nosey
Dear Nosey Rosey,
I refer to your FOI Request of 14 December 2024. Please find attached
APRA’s Notice of Decision dated 20 December 2024.
Kind regards,
FOI Officer
[APRA request email]
Australian Prudential Regulation Authority
1 Martin Place (Level 12), Sydney, NSW 2000
02 9210 3000 | [1]www.apra.gov.au
[2]Title: Australian Coat of Arms and APRA logo[3]Title: Ally
badge[4]Title: Inclusion and Diversity at APRA, Stronger Together badge
References
Visible links
1. file:///tmp/www.apra.gov.au
Dear Sonya Petreski,
Thank you for your correspondence dated 24 December 2024 regarding my Freedom of Information (FOI) request. I acknowledge your concerns about the scope of my request and would like to clarify it to address the issues raised.
Clarified Scope of Request
I am specifically requesting documents held by the ACCC concerning systematic or broad data-sharing arrangements with the Department of Veterans’ Affairs (DVA) over the past ten years. This includes:
Formal Agreements
Memoranda of understanding (MOUs), service-level agreements (SLAs), or other agreements formalising the sharing of DVA client information with the ACCC.
Governance Documents
Policies, procedures, or guidelines that detail how the ACCC handles, stores, or uses personal information originating from DVA.
Privacy and Ethical Considerations
Privacy impact assessments, internal reviews, or documents discussing the ethical, legal, or privacy implications of handling DVA client data.
Purpose and Use
Documents such as internal reports, strategy papers, or project proposals explaining why DVA data was accessed or shared and its intended uses within the ACCC.
Exclusions
To streamline processing, I exclude:
Individual complaint files or case-specific records involving veterans.
Information solely related to Centrelink Confirmation eServices (CCeS).
Clarification of Terms
DVA Client Information: Refers to any personal, medical, financial, or service-related information about veterans or their dependents originating from the Department of Veterans’ Affairs. This includes any datasets or records shared between DVA and the ACCC as part of inter-agency arrangements.
Agency Names: Any reference to "[Name of Agency]" or "[Authority Name]" in my original request should be interpreted as referring to the ACCC, as the request is directed to your agency.
Request for Assistance
If further clarification is required to identify relevant documents, I welcome the opportunity to collaborate with your office during the consultation process. I trust that this refinement will allow the ACCC to identify the documents relevant to my request.
Please confirm receipt of this clarification, and let me know if additional adjustments are necessary. I look forward to hearing from you regarding the next steps.
Yours sincerely,
Nosey