How can I find and share data and information?

The Queensland Government is a huge generator and consumer of data and information. Yet regularly, decision makers across all levels do not have access to all the information they need when making crucial decisions – particularly if the information or data is located outside of their agency.

The advice below will assist you in identifying what information you have, understanding the quality, integrity and confidentiality of the data and making a determination on what you can share and how. The aim of this work is to facilitate data sharing and embed consistent privacy and security protecting processes in all Queensland Government agencies moving forward.

Please note that there may be links on this page which can only be accessed by logged in Queensland Government employees. For publicly available data and information, please see the Open Data Portal.

Where can I find and publish data or information?

Finding data or information

If you would like to discover, use, publish or request publicly available Queensland Government data, please go to the Open Data Portal. If you are a Queensland Government employee, the Accessing, publishing and using data page provides an overview of what resources exist which can enable you to publish and share related Queensland Government data.

To assist with the discovery of data and information, a centralised Queensland Government Data Catalogue (for Government employees only - email transformation@qgcio.qld.gov.au for access) has been established. Queensland Government users can search this catalogue to locate data and information that may be of use. Government employees can also access the Information Asset Register collated as part of the annual ICT Profiling activity by requesting access through the ICT Console.

For those wishing to examine the information sharing process in depth, or hoping to put more rigor around their sharing, please access the Information sharing authorising framework (ISAF). The ISAF consists of a set of guidance and advice to assist agencies seeking to establish and manage an information sharing activity. It is broad in it's design and can be tailored to facilitate sharing across the full spectrum of data for a range of uses.

Improving the discoverability of your data or information

Your agency collects, stores and manages data for a variety of business purposes, however this same data may be useful, or even crucial to improving another agencies functions and services. Publishing your data and registers helps potential users identify what data is out there, which agency has the data they need and who they need to approach to request access.

Sharing about sharing is important! Successful use cases provide support to the growing body of evidence that sharing information can enhance productivity, improve service delivery and ultimately produces amazing outcomes for the people of Queensland. It also helps to ensure transparency, build trust and demonstrate policy compliance.

You can learn more about improving the discoverability of your data and find out who is sharing information and how.

What is the process I should follow when requesting or sharing data or information?

Process overview

The below steps are aligned with the ISAF, and provide a general overview which agencies can follow when either requesting or supplying data. They have been developed out of agency experience of finding, sharing, and using data.  They now provide a model moving forward for how agencies can appropriately and safely share data and enable better Queensland Government service delivery.

Applied examples

The use cases linked below demonstrate how the process can be applied to specific activities. These are best practice use cases which provide detailed information on how to obtain, share, and aggregate Queensland Government data.

The Queensland Data and Analytics Platform (QDAP) is a whole-of-government analytics platform within the Department of Housing and Public Works which enables Queensland Government employees to access and share government data. QDAP is central to the use cases due to its role in identifying, sourcing, aggregating and sharing data.

What are the general roles and responsibilities I should be aware of?

Data suppliers

Requests to access your data or information can be initiated in many ways. If you have published your holdings on your website or through the QGCDG, you may receive requests directly. Other requests may be triggered by an incident, a new project or a research request. It is important that your agency has a good understanding of its data and information holdings, who the custodians are and a documented process in place to respond to requests.

As a data supplier, you should be aware of the below roles and responsibilities.

  • Take all the necessary steps to ascertain whether they are holding the requested data.
  • Complete a comprehensive preliminary assessment, including data quality and sensitivity.
  • Undertake security risk assessment of the data if it is currently unclassified (see Queensland Government Information Security Classification Framework (QGISCF)).
  • Ensure any authorisation includes:
    • statement of authorisation and the legal instrument being relied upon
    • timeframe
    • purpose of sharing
    • permitted usage conditions:
    • When you share your data or information, it is up to your agency to define and monitor any constraints there may be on the use of the information you have shared. Permitted usage conditions help define what can be done with the shared data and provide a mechanism for monitoring the ongoing progress of the arrangement.

    • security classification (QGISCF)
    • access limitations
    • availability of data and the outputs of the analytics, including publication permission (e.g. of aggregate datasets)
    • process to follow if further use of data is required for another purpose
    • monitoring and auditing requirements
    • record keeping and destruction protocols, including a review period to renegotiate with custodians.
  • Explore the potential to add the data set (in whole or part) to the Queensland Government Data Catalogue and/or publish aggregated or obfuscated data to the Open Data Portal.
  • Record and store authorisation, including permitted usage conditions.

The content of the data requested will have an impact on your decision to release. If the requested data contains personal, sensitive or classified information, you will need to evaluate this as part of the decision making process. However, while privacy and security requirements must be met, they should not inhibit shared access to government information where it is permissible.

Data receivers

As a data receiver, you should be aware of the below roles and responsibilities.

  • If data is supplied without security classification, request data suppliers to undertake security risk assessment (see QGISCF).
  • Store and transmit data in accordance with its security classification (QGISCF) and ISMS requirements.
  • Request that data suppliers review permitted usage conditions prior to using the data for any purpose not already contained in the permitted usage conditions.
  • Ensure all authorised users have read and are familiar with the requirements of the access and use policy.
  • Store and use data according to the terms of the authorisation (including permitted usage conditions).
  • Store and use data according to the terms of the access and use policy.
  • Ensure any use of data can withstand peer and public scrutiny and/or disclosure.
  • Abide by the Information Privacy Principles (IPPs) and the National Privacy Principles (NPPs) in the Information Privacy Act 2009 and Queensland Government Code of Conduct provisions.
  • Maintain complete and accurate records of storage and use of data.
  • Report any incidents of inappropriate access, use and/or disclosure to the Data Governance body.

Data governance body

A data governance body can monitor and facilitate data sharing by adhering to the below roles and responsibilities.

  • Facilitate cross agency security risk assessments where required.
  • Resolve unforeseen issues in data requesting, sharing and use.
  • Ensure all parties are following the permitted usage conditions.
  • Facilitate amendments to the conditions of use.
  • Identify and address unauthorised access, release, or use of data.
  • Handle publicity and marketing; ensure that any data use or sharing can withstand peer and public scrutiny and/or disclosure.
  • Ensure all parties abide by the Information Privacy Principles and the National Privacy Principles in the Information Privacy Act 2009 and Queensland Government Code of Conduct provisions.
  • Maintain and make accessible the access and use policy.

Independent audit and review body

An independent audit and review body can provide further checks and balances on the data sharing process for the Queensland Government.

  • Additional body to audit and review decisions of the Data Governance body.
  • Handle escalated complaints and disputes.
  • Develop lessons learnt as a result of sharing initiatives and make recommendations for process improvements.
  • Investigate and report on the outcomes of data breaches and unauthorised disclosures.

Where can I find data and information sharing resources?

For additional resources, refer to the Queensland Government Enterprise Architecture (QGEA). The QGEA Policies, Standards and Guidelines contain tools and techniques to support decision making in the Queensland Government.

Some useful resources are provided below.

If you would like to provide feedback on the resources available on this page or have suggestions for additional content, please contact us at transformation@qgcio.qld.gov.au.


Last Reviewed: 16 July 2020