Skip to main content

A NSW Government website

Data.NSW

Sensitive information

The NSW Government collects, stores and manages sensitive information as a part of normal business processes. Sensitive information includes:

  • personal information
  • health information
  • information which could be subject to legal privilege
  • commercial-in-confidence information
  • law enforcement information
  • NSW Cabinet information
  • National Cabinet information

Examples of sensitive information are an individual’s personal details, credit information, medical records, drivers licence information, criminal records, biometric information, and other personal details.

Compromise of this information’s confidentiality may result in limited damage to an individual, organisation or government generally and requires additional care in handling. It could result in fraudulent use of an individual’s personal information, financial loss to the agency or the individuals affected or reputational damage and loss of public trust in the agency responsible for the safekeeping of the information.

Collection, storage, use and disposal of different types of sensitive information is governed by different legislation and requires different access and dissemination rules. To make these differences clear, NSW Government uses dissemination limiting markers (DLMs) that must be applied to sensitive information. Most DLMs can be used on their own, or in conjunction with a security classification.

NATIONAL CABINET is not a DLM. It is a caveat and can be applied to information with a DLM or a Security Classification.  For further information on caveats, see Caveats and accountable material.

DLMs Figure 1

 

Labelling sensitive information
Labelling sensitive information

In NSW, sensitive information must be labelled with a DLM. This label helps the user of the information understand why the information is sensitive and what the limitations on dissemination are.

The Australian Government uses the OFFICIAL: Sensitive label for information which, if compromised, would cause limited damage to the national interest, organisations, or individuals. This information is not security classified but it does need protection and limitation of access to those who need to know. 

The OFFICIAL: Sensitive label will be applied by the Australian Government, and other states and territories. The NSW Government will not apply this label to its information because the six DLMs used in NSW with the OFFICIAL: Sensitive prefix allow for the specificity required in NSW. This means that information labelled OFFICIAL: Sensitive will be deemed to have originated from outside of NSW Government. See Figure 4 for a summary.

Figure 4: OFFICIAL: Sensitive information with DLMs

Applying text-based DLM labels with a prefix of OFFICIAL: Sensitive to documents (including emails):
It is recommended that text markings be in capitals, bold text, large fonts and distinctive colours (red preferred) and located at the centre top and centre bottom of each page. If text-based markings cannot be used, use colour-based markings. For NSW DLMs a yellow colour is recommended. If text or colour-based protective markings cannot be used, apply the agency’s marking scheme. 

If marking paragraphs abbreviations can be used. The Australian Government DLM OFFICIAL: Sensitive can be abbreviated to (O:S).

Hard copy and electronic records:
The label on a file cover or container must be at least equal to the label on the most sensitive item with the file or container. Labels need to be shown on all types of documents, reports and media. 

Electronic and other documents should include their sensitivity label in their metadata.

Digital and data:
Sensitivity and security labelling of digital information should be applied and communicated to the users of the systems. Sensitivity labelling can be shown in metadata fields within programs, in data dictionaries and system documentation.

Some systems may not have the functionality to include sensitivity or security classification labelling. In this case, an induction or communication program should be run with staff using the system, including third party users, to ensure they understand the sensitivity of the information they have access to.

Table 2 describes how to apply the NSW DLMs and the NATIONAL CABINET caveat, and the legislation which underpins each label.

Table 2: Applying NSW DLMs and the NATIONAL CABINET caveat

Figure 4
OFFICIAL: SENSITIVE - Law Enforcement DLM

The purpose of the OFFICIAL: Sensitive – Law Enforcement DLM is to enable law enforcement agencies, investigative agencies and agencies with legislated compliance and enforcement responsibilities, to more easily understand the information they are handling, to enable sharing of information between agencies, and to have common handling procedures.

 

DLMs Figure 3

 

The OFFICIAL: Sensitive – Law Enforcement DLM should only be used by law enforcement agencies, investigative agencies or agencies with legislated compliance and enforcement responsibilities, for law enforcement purposes and for information that needs to remain strictly confidential.

Information compiled for law enforcement purposes is often complex and may contain personal, health and law enforcement activity information. This information is important and should be afforded appropriate security in order to protect enforcement proceedings, the right of a person to a fair trial, policing and community safety practices, proprietary information or to protect a confidential source.

Information with a NSW DLM of OFFICIAL: Sensitive – Law Enforcement which is provided to another agency for law enforcement purposes is not to be released by that agency to a third party without the written approval of the law enforcement agency that created the information. This includes information sought through various freedom of information legislation or court subpoenas. It is best practice for agencies who use this label on documents (physical or digital), to include information about which agency the information originates from. 

The information that may fall under these activities includes:

  • multi-jurisdictional operational law enforcement activity
  • policies and guidelines for law enforcement investigations when disclosure of the information could be reasonably expected to risk circumvention of the law, or jeopardise the life or physical security of any individual, including the lives and safety of law enforcement personnel
  • law enforcement training information.

The use and dissemination of law enforcement information is strictly regulated, and it may constitute a criminal offence to use or release it for any purpose that is not authorised by the Acts. Where personal or health information is being transferred as part of a law enforcement operation, it is also necessary to comply with the requirements of the appropriate state privacy legislation.

OFFICIAL: Sensitive – Legal and OFFICIAL: Sensitive – Law Enforcement DLMs should not be confused. OFFICIAL:  Sensitive – Legal should be used to protect legal professional privilege under the advice of legal professionals.

Determining which OFFICIAL: Sensitive NSW DLM to apply

Figure 5 outlines a simple decision-making process that NSW Government agencies can use to determine which NSW DLM can be applied to information of a sensitive nature.

Figure 5: Decision making tool for NSW DLMs

Figure 5

 

Why do I have to label?

Applying labels (protective markings) to security classified or sensitive information indicates that the information requires protection and dictates the level of protection required. Protective markings help control and prevent compromise of information as they are an easily recognisable way for information users (visually) and systems (such as an entity’s email gateway) to identify the level of protection the information requires. The labels describe why the dissemination of the information is limited.

Creating new DLMs

Agencies are not to create their own DLMs, security classifications or caveats.

What if my information falls under two labels?

Two labels are not required, the decision-making tool (Figure 5) has been designed to help determine which label to use. Most health information contains information about health as well as personal information and this should be labelled as OFFICIAL: Sensitive – Health Information.

In a situation where a document has multiple types of information, or information that fits more than one DLM or security classification, the document must be labelled and/or classified as per the information of the highest level of sensitivity within that document.

Who applies the label?

The person responsible for preparing the information is responsible for assessing the information and labelling it according to these guidelines.

NSW agencies are likely to manage sensitive information that has historically not been labelled. Sensitive information in use must be labelled. NSW agencies need to plan how to implement labelling across their organisation based on risk and importance of the information; for example, more sensitive or confidential information should be labelled first.

Agencies are to advise all staff, including contractors, on the proper use of the Information Classification, Labelling and Handling Guidelines. Agencies that are likely to handle sensitive information should have standard operating procedures to assist staff in labelling.

When are labels applied?

Labels should be applied when:

  • the information is created. The originator is required to assess the consequences or damage from unauthorised compromise or misuse of the information. If adverse consequences from compromise of confidentiality could occur or the agency is legally required to protect the information, the information must be labelled.
  • information is received from external sources, that is not already labelled, should be assessed upon receipt and labelled according to its sensitivity or security requirements. Security classified information which is received from another government agency should be handled in accordance with these guidelines and the Protective Security Policy Framework (PSPF) as appropriate. Re-labelling of information received from another government agency is not necessary unless information has been added, edited or removed and its sensitivity or security classification has changed. This re-labelling should be done in consultation with that agency.

Agencies are not required to label UNOFFICIAL or OFFICIAL information. By default, unlabelled information will be handled as OFFICIAL. Agencies may determine their own policy for labelling OFFICIAL material, according to their operating requirements.

For Official Use Only

A NSW agency sending sensitive information to another government agency must label the information with a DLM so that the receiving agency will understand the sensitivity of the information.

The originator must ensure that information is classified and labelled prior to any use or sharing of the information. Information custodians are to provide appropriate classification and handling guidance to any third-party requiring access to the information.

If you receive a document or record that is already labelled, the document or record needs to be handled according to this label. Re-labelling of documents is not required unless it is obvious that the document contains sensitive or confidential information that may be at risk of exposure. If a decision to re-label is made, contact the originator of the information, if possible, to inform them of the need to amend the label.

Where should the label be applied?

Once you have assessed the information and determined that it needs a DLM, you now need to apply these labels to the information. DLMs can be applied to information in any format and medium. This includes paper or digital.

The labels need to be at the top and bottom centre of the documents, presentations, maps, media, so they are visually prominent. Examples have been provided below.

Email – As best practice, emails should be marked in the subject line as well as at the top and bottom of the message. This will help ensure that information is flagged clearly for the recipient. Email labelling is required for sensitive information and above.

Figure 6: Example email with labels at the top and bottom of the email

Figure 6

The Australian Government has developed an email protective marking standard for Australian government agencies to follow. This standard has been applied to the example in Figure 6.

Some email systems may not enable the use of multiple labels. If the information relates to National Cabinet, then use the label OFFICIAL: Sensitive – NATIONAL CABINET. 


Documents – agencies are to insert a label in the header and footer of each document (see Figure 7 below).

Metadata – Sensitivity and security classifications should be included in the metadata about digital records or data; this ensures that the information about the sensitivity and security classifications are obvious, and persistent. Labelling can be applied at field level using metadata depending upon the application. Sensitivity and security classified labels should be added to data catalogues. 

Figure 7: Example documents labelled in the header and footer

Figure 7
I think the label is wrong - what do I do?

The originator of the information is responsible for labelling the document and changing these labels. If the document appears to be labelled incorrectly the originator needs to be contacted and the information re-labelled. If the originator is not known, the information needs to be assessed using the business impact levels tool and labelled accordingly. 

What if the information's sensitivity changes over time?

Sensitivity of information can change over time and will need to be reassessed and labelled accordingly, particularly digital records and datasets. Agency datasets which are populated by free text fields through internet applications need to be monitored frequently and labelled according to the type of information provided.

The originator and data custodian must monitor information sensitivity over time. Associated dynamic information products, data analytics and third-party applications will also need to update the labels if changed.

Sensitivity of information can change over time. For example, a document may be sensitive until it is published but not afterwards.

Sensitivity

 

Do I have to update the existing labels in my agency?

These labelling guidelines are not retrospective. If information is not being used, the original labels can be kept. If the information is in use, it is expected that this information will be relabelled with new labels. A risk management approach should be taken with this process, with the higher risk or more sensitive information being relabelled first.

Receiving Australian Government information

The Commonwealth requires that NSW Government agencies receiving Australian Government sensitive and security classified information comply with the procedures set out in the PSPF regarding the application, removal, transfer, receipt and destruction of that information. Refer to PSPF Policy 8 Sensitive and security classified information for more information.

PSPF Policy 9 Access to information establishes the level of security clearance required to access sensitive and security classified information. For further guidance on obtaining personnel security clearances, see PSPF Policy 12 Eligibility and suitability of personnel and your agency’s Security Clearance Officer.

It is the responsibility of the information sender to ensure that security classified documents are protected appropriately. Recipient agencies are responsible for determining their obligations to protect the information according to the confidentiality requirements of the protective markings.

 

 

Back a page 
Unofficial or official information
Next page 
Handling sensitive information


Last updated 12 Jul 2024