Our website uses cookies so we can analyse our site usage and give you the best experience. Click "Accept" if you’re happy with this, or click "More" for information about cookies on our site, how to opt out, and how to disable cookies altogether.

More Accept ×

We respect your Do Not Track preference.

Close ×

opc header logo

Print | Email this page

Inquiry into MSD Collection of Client-Level Data from NGOs report

In 2016 the Ministry of Social Development (MSD) began rolling out funding contracts that required non-government organisations (NGOs) to disclose individual client-level data (ICLD) about service users. Previously, personal information about clients was held at the NGO level and MSD did not require it. This policy change is being applied to all MSD-funded NGOs, including those that deal with sensitive issues such as psychological counselling and family violence. NGOs are deeply concerned about the impact this policy will have on their clients and ongoing service viability. 

Read the Privacy Commissioner’s Inquiry into MSD Collection of Client-Level Data from NGOs report (opens to PDF). 

Executive Summary

The executive summary of the report was written by Privacy Commissioner John Edwards. 

I have conducted an inquiry under section 13 of the Privacy Act 1993, which sets out my functions including powers to make public statements in relation to matters affecting privacy, to receive and invite representations from members of the public on such matters, and to inquire into any matter or practice that may infringe on individual privacy.

No NGO receives government funding as of right, and it is not only legitimate, but important that Government takes steps to ensure the efficacy of any programme it funds. It needs good information in order to do so. 

However, insufficient consideration has been given to means by which Government might achieve those legitimate aims in ways that do not involve the collection of excessive or unnecessary personal information.

The manner in which the policy change has been effected risks undermining the trust between individual service users and NGOs. This may deter some of the most in need from accessing necessary help because of the NGO’s inability to keep details private, even from MSD.

Such an outcome would not only have an adverse affect on the individuals concerned and NGOs, but would not serve the public interest. Unfunded or deterred (potential)
service users would not feature in data being used to inform government policy. They would effectively become invisible.

The ICLD policy has features that are likely to be replicated across a range of programmes in order to achieve the Government’s “social investment strategy”. It is a significant change in the way social services are delivered, and it is important to get it right. I have made a number of recommendations that I hope will enable Government to learn from this experience, and to ensure future initiatives can proceed without undermining the trust and confidence necessary for the effective engagement of those in our communities most in need of support.

I have concluded that the ICLD policy, as implemented, is inconsistent with the principles of the Privacy Act and should therefore be amended.

Read the recommendations in the Privacy Commissioner’s Inquiry into MSD Collection of Client-Level Data from NGOs report (opens to PDF). 

Back to top