This page explains the obligations on Department of Veterans’ Affairs (DVA) staff when handling personal information on behalf of the Services Australia (Centrelink) to administer income support payments made to Australian veterans and their eligible partners under social security legislation. An example of such a payment is the social security age pension paid by DVA.
Confidentiality provisions in the social security legislation govern the actions of DVA staff when accessing, using or disclosing personal information provided for the purpose of obtaining benefits under social security legislation. The provisions apply to all personal information provided to DVA, including personal information provided by the Services Australia (Centrelink) or the Department of Social Services.
These confidentiality provisions operate alongside DVA’s obligations under the Privacy Act 1988 (the Privacy Act).
In most circumstances, DVA will release confidential information only with an express authority signed by the person to whom the information relates or to the Services Australia (Centrelink) or the Department of Social Services in response to a lawful request from those agencies. A written authority should name the person, company or agency to whom DVA can release information, describe the type of information that can be released, and be signed by the person concerned.
This complies with the methods of release permitted in the social security legislation and the disclosure provisions under the Privacy Act.
When DVA holds personal information for administering a pension or payment under social security legislation, it is only accessed by staff who require access to enable them to carry out their duties. Pension recipients, or members of the public, may request access to these documents under the Freedom of Information Act 1982. Individuals may also access their own personal information under the Privacy Act or, in some cases, under DVA’s portfolio legislation.
DVA can release confidential information without a written authority in limited circumstances. These include:
- where required by a court or tribunal;
- under a Disclosure Certificate signed by the Chief Executive of Centrelink. The certificate specifies the information and the circumstances in which information will be disclosed. Details of what is included in the Disclosure Certificate can be found in CLIK; or
- in accordance with the Australian Privacy Principles under the Privacy Act.