A NSW Government website

Data.NSW
Data.NSW

Managing data sharing risks

NSW Government uses the Five Safes framework to assess the balance of risk when sharing data against the benefits to public interest and the usefulness of the data for research and statistical purposes.

The Five Safes framework

The Five Safes framework is internationally used by data providers to assess five dimensions of data access.  

Safe people

Safe
People

Safe projects

Safe
Projects

Safe settings

Safe
Settings

Safe data

Safe
Data

Safe outputs

Safe
Outputs

Each dimension asks a question to help decide if the data can be shared safely. 

Safe People

Can the user be trusted to use the data in an appropriate manner?

Safe Projects

Is the use of the data appropriate, lawful and ethical?

Safe Settings

Does the access environment prevent unauthorised use?

Safe Data

Have appropriate protections been applied to the data?

Safe Outputs

Do the outputs protect privacy and confidentiality?

Safe People

Can the user be trusted to use the data in an appropriate manner?

Data providers should share data with authorised users who are able to use the data appropriately and keep the data safe.  

Common requirements for safe user authorisation include:

  • Providing evidence of knowledge, skills or experience in data or statistical analysis.
  • Where appropriate, providing a Working with Children Check or National Police Check clearance.
  • Signing data privacy and confidentiality undertakings.
  • Completing training which explains legal and ethical responsibilities in accessing and using data. This can also include training on the use of data platforms and tools, if sharing is via access to the data provider's environment. 

As an authorised user:

DO:DO NOT:Consequences of an inappropriate data use
  • Access data on a need-to-know basis and only for approved purposes
  • Adopt privacy, security and de-identification practices
  • Keep data confidential, secure and protected from unauthorised disclosure and use
  • Notify the data provider as soon as possible if any personally identifiable information is found
  • Report data breaches to the data provider (including your own and others you may be aware of)
  • Do not use data to re-identify, or cause any data to be re-identified
  • Do not use any data from the shared data to target an individual for compliance, marketing or to provide them with a service
  • Do not share your login or credentials
  • Do not link data to other data without permission
  • Do not share data in any way with anyone who has not been authorised. 
  • Data breach
  • Reputation damage
  • Termination of data sharing agreement or contract
  • Access to data is revoked
  • Non-compliance with relevant legislation, including any financial penalties.
Safe Projects

Is the use of the data appropriate, lawful and ethical?

Data providers should share data for projects that: 

  • have clear statistical or research purposes
  • are lawful and ethical
  • provide a public benefit or in the public's interest. 

Share data if the purpose of the request supports evidence-driven:

  • government policy making
  • program management
  • service planning and delivery.
Safe Settings

Does the access environment prevent unauthorised use?

The environment—both physical and digital—must have controls in place to minimise the risk of unauthorised access and use of data. The level of protection should align with the level of risk.

Safe settings may include:

  • locked rooms requiring personal authentication
  • isolated IT environments with restricted external connectivity
  • where only pre-installed software can be used
  • where access to, and activity within, the secure environment is logged, audited and monitored for unauthorised access
  • where files are produced and saved inside the secure environment.

The NSW Data Analytics Centre's Advance Secure Analytics Lab and Advanced Analytics Service are examples of safe and secure environments to store and access sensitive NSW government data. 

Safe Data

Have appropriate protections been applied to the data?

Before sharing, data must be treated to reduce the risk of disclosing sensitive NSW government data.

At a minimum, data providers should: 

  • check that the data does not contain:
    • information which may identify an individual or community
    • commercial-sensitive or confidential information
    • any data that could trigger, create or contribute to a threat, issue, breach or vulnerability.
  • only include data variables required for the project
  • use data treatments such as:
    • de-identifying data
    • anonymising data
    • suppressing data values
    • aggregating data
  • remove direct identifiers such as names and addresses
  • test data treatments to ensure that disclosure risks are reduced

The above practices, including data treatments and techniques can help reduce the risk of disclosure while making sure that data remains useful. 

Safe Outputs

Do the outputs protect privacy and confidentiality?

Outputs are generally considered safe if they report analytical findings and do not reveal or identify people or organisations that provided the data. 

Controls to apply include:

  • disclosure clauses relating to outputs in data sharing agreements

  • apply and test data treatments such as cell frequency rule, cell dominance rule, group disclosure rule, or 10 degrees of freedom.

    The cell frequency rule sets a threshold value for the minimum number of individuals in any cell. If a cell fails this rule, action is needed to reduce likelhood of identification of data subject to unlikely.

    The cell dominance rule is used to assess whether a table cell may enable re-identification or disclosure

    Group disclosure rule means that in all tabular or similar outputs, no cell should contain 90% or more of its column or row total

    Degrees of freedom refers to the maximum number of logically independent values, which are values that have the freedom to vary in a data sample. All modelled output should have at least 10 degrees of freedom.

  • review process before outputs are released to intended users.

This is the final step in the process—ensuring that even if the source data is detailed, only non-disclosive results are published or shared.

Using the Five Safes Framework

When applying the Five Safes framework, keep the following principles in mind:

  • Assess each safe independently, but consider them together.
    While each safe is evaluated on its own, all five must be considered collectively to ensure a balanced and comprehensive understanding of risk.
  • Each control should meaningfully reduce disclosure risk.
    Any safeguard or risk control introduced—whether related to people, projects, settings, data, or outputs—must contribute to lowering the overall risk.
  • Different data requests require different levels of control.
    The strength of controls within each of the Five Safes can be adjusted (“dialled up or down”) depending on the context, sensitivity of the data, and intended use.
  • Zero‑risk is not achievable.
    The goal is not to eliminate risk entirely—this is impossible—but to manage it to an acceptable and well‑justified level.