 The first Australians, the custodians of the lands and waters on which we meet, and for me that's the voluntary people of the Kulin nation, and I would like to pay my respects to elders past, present and emerging. So first of all, a big thank you to all of you for coming to this webinar. So the focus for today is the data availability and transparency scheme. And first of all, well, I'll introduce myself. I'm Keith Russell and I'm manager engagements and expertise at the Australian Research Data Commons. As we've been engaging and talking to universities around Australia over the past few weeks, we've been having some questions around about the data availability and transparency scheme, and especially some questions around what does it mean for a university to be accredited as a data user? So as these questions came in, we said, well, actually, maybe worth having a webinar around this and ONDC has been very, the Office of the National Data Commissioner, has been really kind and was very happy to take that on. So we are very excited to have them here. Initially, the question went out to institutional underpinnings, group of 25 universities we're engaged in a project with. But we thought we'd broaden this out to all universities in Australia, and the invitations gone out to all those universities. So I hope this is useful to get a sense of what's involved, what does it look like, and if it will give everybody a chance to ask some questions too. So I'd like to hand over to Susan Calvert. And Susan Calvert is Assistant Secretary, Strategy and Delivery at the Office of the National Data Commissioner. So I think she's definitely very, very knowledgeable on this topic. And it's great to have your time, Susan. And thank you for being willing to deliver this webinar and discussion around the data scheme and what's involved. That's great. Thank you so much, Keith. And thank you so much to the ARDC. We've been terrific partners as we embark on this journey to make data sharing much easier for universities. So really keen to hear your feedback today. We have a short presentation and we're happy to share these slides with you and really keen to take questions along the way. Or at the end, we'll have plenty of time for questions, Keith. So we'll just get started. So our agenda for today is really to talk you through the data availability and transparency act and how the data scheme works. We're also really big to focus on accreditation and how accreditation how people can become data users under the scheme. What are some of the benefits of accreditation and the process of getting accredited and we'll also demonstrate the data place system that will help you do this and look forward to hearing your questions. So just as a bit of context, the Office of the National Data Commissioner is here to help you. We really focus on four areas, supporting data sharing for public benefit, building data sharing capability right across the public sector and with a national approach and operating effectively and efficiently as a regulator and educator on data sharing. And finally, to build trust and transparency and data sharing. So there are objectives. The reason that we've developed this data availability and transparency act is to unlock our national data assets. So the Productivity Commission in their report in 2017 found that we were really underutilizing our data assets and that there was really real public benefit that could be achieved by using them. So there are also a whole bunch of barriers to data sharing. And I know the researchers on this call will be very familiar with that. What users told us was it takes too long. It can be a two, three year process for a complex integrated data sharing project to get all the players on board. Universities told us they felt like they were at the back of the queue when trying to access Australian government data. They told us it was actually hard to even understand what data assets the government held. So what we've we've really worked to overcome all of those barriers and what we're about is really research and innovation and data sharing that improves government service delivery that informs government policy development and program design and also supports research for public benefit. So that's the purpose and why we're doing this. Just on the next slide there, you can see how the scheme operates and this is how the whole legislation operates on one page. So I won't go into it in a lot of detail, but happy to take any questions on this later and you can see in the middle there that there's three main participants of of the data scheme. The first are users, the data users that and we're seeking accreditation for those users to be able to operate in this scheme and people who can become data users include all Australian universities and researchers within those Australian universities automatically can access the scheme once their university has become accredited. We also have accredited data service providers. So these again can be universities and Commonwealth, state and territory government bodies. And the purpose of data service provided is to provide data services such as complex data integration, data de-identification and provision of secure data access. So think of the ABS data lab as one of those. We also have the data custodians who hold the data at the moment and look after the data. And these can be these are all Australian government agencies. So data held by Australian government agencies is included in the scheme. Of course, there's some that's excluded and we can go into more details on that as well as the legislation. We have the National Data Commissioner, Gail Mills, who is the regulator of this scheme and her office that that I sit in supports her in that role. We also have the National Data Advisory Council, which includes some government members and also some independent members who give us advice on administering the scheme. And you can see around the outside of this diagram, a lot of white boxes that contain the scheme safeguards. And so we'll go through those very quickly. Just data can only be shared for certain purposes that we've been through. Accred data users will be accredited through the scheme. The data custodians are not required to share, but they must provide reasons if they refuse to share. And so the government is really setting up here to share wherever possible the data, and this is giving universities access to quite sensitive and personal information that data sets that have in some cases have never been shared before. So it really is opening up information and that can be used for new and innovative research. All data sharing will occur according to our data sharing principles. And so they're the evolution of the five states. They're looking at project people, settings, data and outputs. And when Julia talks to the accreditation process, she'll show you how we're dealing with those at the accreditation stage or some of those. We also, of course, are aligned with the privacy legislation. We're aiming to continue to protect privacy in line with existing legislation. And other safeguards on the right-hand side there include data sharing agreements. So all data that gets shared under the data scheme will occur through a data sharing agreement. And we're really about transparency here as a way of building trust in the public that this data will be used for good and be kept safe. And our transparency and reporting requirements really involve registering data sharing agreements and keeping registration of accredited users and accredited service providers. And we'll also be doing an annual report. And finally, up the top right there, the commissioner has a regulation and compliance role. She can actually handles complaints that occur. And we also can issue directions and seek civil or criminal penalties. So it's a level of regulation that hasn't existed before in data sharing. And it's intended to keep the information safe and make sure everyone follows the scheme. So down the bottom in that blue bar, we also have two projects that really enable the data availability and transparency act scheme. And first of those is data discovery. And this project, my office runs and they working currently with 18 Australian agencies just to help them discover their data assets. Obviously, the first step in sharing is knowing what data you have. And we are building data inventories in a consistent way, working with those 18 agencies. And we're extending that program to 35 agencies over the next year or so. And the idea there is to have a list of data assets that are held by agencies that will then be searchable through an Australian government data catalogue, just making it much easier for researchers and users to find the assets that we hold and who holds them. The second big piece that we're working on there is data place. And this is an IT platform, which actually helps you through all the steps involved in participating in the data scheme, but it also is there to help you with all data sharing. So even even the current data sharing that you're doing can now be done through data place. So this is a will Jesse in our team will be providing you a demonstration of how this works if you were to seek accreditation. But it really is a tool to take you through all the steps of the data sharing agreement process. So I think that's an overview of the scheme and how it operates. We'll just now go on to the next slide, which is moving to Julia. Do you want to sit here, Julia? Then you'll be able to, everyone will be able to see you. And just I just introduced Julia, who actually heads our accreditation team here at the ONDC. And Jesse, who works with her, who is doing all the hard work accrediting agencies at the moment. And we have interest at the moment from 10 participants in the scheme who are seeking to get accreditation as a data user. Just going to a little bit more detail about how accreditation works and the benefits of that. So hand over to Julia. Hi, everyone. Thanks, Susan. So talking through some of those benefits of being accredited. So as Susan mentioned, being accredited in to participate within the scheme allows you. It gives us a legislative override for data sharing under the data scheme. And it gives us a streamlined, consistent terminology and risk management approach to data sharing, particularly over the tools of data sharing agreements. We also data place provides a single platform to manage and manage your data requests and track data sharing agreements. Another benefit of being accredited, particularly as a unit as a user, is that data custodians must provide reasons to accredited users if they refuse to share with you through your data request. So they must provide you a reason as to why they won't share that data with you. ADSPs are highly skilled in managing data requests and DSA processes, and that's also a role that's available within the scheme. Susan mentioned a number of the transparency and transparency mechanisms around available under the scheme, such as the registers, the annual report, etc. So where the commissioner has that regulatory oversight and is able to overview those processes. The accreditation is also can be a really useful prompt for a lot of organisations to focus on your data maturity. And because it does, accreditation occurs at that organisation level. So it really gives that organisation opportunity to really understand where their data maturity is at and areas where they may need to improve. I might go to the next slide. So I mentioned a couple there. Accreditation is only Australian state, territory, government bodies and Australian universities as defined in our Act may apply or become and apply for accreditation under the scheme. Any foreign entities and some Australian entities are also excluded from accreditation. Accreditation occurs, as I mentioned before, at the organisation level. So that means when you apply for accreditation, it's the whole organisation that's applying for accreditation. It's not an individual researcher, and it's not an individual business unit within the organisation. The safe sharing of data is a two step process with the finer controls being applied in the data sharing agreements. So for user accreditation, we focus on the of the five safes. We're focusing on the people and the settings in accreditation and all the finer controls around the the project, the type of data, etc. is considered is looked at through the DSA process. Essentially, the Act provides three main criteria for both users and ADSPs and then a fourth extra one for accredited data service providers, which relates directly to the services that they could be providing. The first of the criteria covers appropriate management and governance policies and practices as appropriate. And the second one covers the risk managing the risk of unauthorised access sharing or loss of the data. And that really focuses around your ICT settings and how you keep data secure. And the third one focuses around the skills and capability within your organisation to ensure that the appropriate use of the data and that the organisation has that ability to manage the risks in relation to those matters. And then with ADSPs, as we mentioned, the three main services there are a de-identification data service, a secure access data service and a complex data integration service. I'm going to go to the next one. So user accreditation services a gateway into the scheme and ADSP accreditation is that expert intermediary to support safe data sharing. Just a couple of the differences between the two. The user accreditation allows you to make data requests under the scheme, but it does not allow the right to access the data. User accreditation is either granted by the Minister or the National Data Commissioner. And accreditation can be granted with conditions. So that's where we can allow if a organisation, for example, says that they never actually want to receive data or hold data within their own systems. We can still accredit you with a condition that you never receive data and that perhaps you always use an ADSP and a secure access data service to access the data. For user accreditation, once you are accredited, you are required to update any relevant information to your accreditation regularly. However, there is no requirement to renew your user accreditation. It's a continuous accreditation. For ADSP accreditation, it will be the National Data Commissioner making that decision. And once again, that can be done with conditions and perhaps that might be around the services. So if an organisation doesn't have, doesn't want to provide secure access data service, they just want to focus on complex data integration service, perhaps we could limit their accreditation to only providing complex data integration. Another difference with ADSP accreditation is yes, they are required to update their information as relevant as it comes relevant to your accreditation, but they also need to renew their accreditation every five years. And another important thing to note, it's a one organisation may be accredited to be both a user and an ADSP, because they are very different roles in the scheme, which brings me over to making an application, which I can get Jesse to talk through. You're able to introduce Jesse. I'm going to try my best because I'll be sharing screen from a different laptop. And you can see me here as well. Show you what the down the place side looks like. So that should be working soon. And it's cool. You can see that. So this is the other place. Once you first get on, this is the homepage that you can see before you are authenticated onto the place. So the first thing you want to do is some information available for you to get started. You can sign up to our newsletter as well. To get into the place, you'll be logging out as part of your organisation. So on the top right, you click sign in. And this will take you to the signing page, which has three authentication methods. Since we're a university, we should be familiar with the Australian Access Federation, which is what the university will be using to get onto the down the place. So after you click through the eighth method, once you log in, you'll be logged on to the down the place. And this will be similar to the page you will see, which gives you a bit more options once you authenticate on the down the place. So I'll just go through quickly the accreditation and what that looks like. So to get started, you just want to scroll down and click apply for accreditation. And here you will see a bit of information on what accreditation means and two types of accreditation, both the user and the data service provider. There's some supporting documents available on the down the place and also on the R&D website, which I'll show you in a bit. This for both user and ADSPs is a checklist that you can look through before you start anything on down the place. That will just help guide the organization through each of the steps that you need to take before you are mostly ready for starting the application. As Julia mentioned, the accreditation purposes have a whole of organizations. So if you're, I guess, a researcher, you probably don't need to worry about applying for accreditation. But for those of you here that I'll just take you to what the user form looks like. And I'll go through the ADSP form very quickly as well after. So it's the user is a series of smartphones or a series of screens which can click through to answer a series of questions. There's a lot of questions in the applications, so it takes a lot of coordination within the organization from the different areas of the input as well. So just to show you very quickly, there's some information about the organization, including the authorized anti-contact officer for the organization. And then just a bit of detail to guess some of the information will be pre-filled based on your authentication method as well, or you can just enter in your own details. A little bit about the organization. I won't go through detail because we'll send through the documents and the links after. So that's all available online. And a few questions about the organization. And then, as Julie mentioned, there's three main criteria that we look at for accreditation. There's data management and governance. There's the minimizing risk of access. And there's the skills and capabilities of the organization. And these three criteria are loosely mapped into the three criterion here you can see on screen. So you've got data management and governance, security, and skills and capability. But there is no one-to-one relationship between the application, the criteria, and the questions. So we tend to look at the application for the organization as a whole and see how the organization measures up to each of the criteria. So in the questions, there'll be some context in questions such as the volume of data holdings for your organization, the sensitivity of data, and the subject matter. A bit which some of you may be familiar with that looks like data maturity questions. So just knowing the type of data you hold. This was sort of a sales assessment. And then there's the sort of factual model of choice, how your organization deals with personal information, and what sort of roles you have. For security, I just want to show very quickly, it's a smart form. So depending on how you want to hold data, your question may be very short. If your organization is not intending to hold data within your own networks, so you do you would like to use a secure access service. If you just select no, then that's it for the section. But if you would like to hold data, there's a few more questions you need to answer. And for universities, we don't expect there will be protected networks. So if you want to hold data, you have to enter a lot of details about your own security settings. And skills and capabilities, it's a bit more of the same type of questions. A bit about the data roles, and a bit about the data access and the manipulation methods. And just sort of the HR sort of processes and training available there. And then to when you complete your sections, there will be the consent declaration, which is for the authorized officer to do, which is defined under the data act. So we will have guidance coming about who can be an authorized officer as well. So once you fill all that through, you can review your accreditation, the cases that you started on your managed accreditation page as well. And you can sort of click through or delete or withdraw your accreditation as well from this page. We do want to say that we do caution you before you start accreditation, because once accreditation is started, there's only a limited amount of people that can access the accreditation. For user, it's the person who started the application, the authorized officer listed and the contact officer listed. So you want to make sure that you are the correct person to be doing this on that plate before you want to enter into this. And for the data service provider application, it's only the person who started the application can access the application. So if you're interested in what the forms look like, without getting into it on the other place, there will be documents such as the checklist and also a sample form. This is a user sample form, which has all the details for all of the questions. This is only a guide, because based on how you answer the questions, the database will show you a different set of questions as you saw there with security. So it's a very quick flixer of what the guidance looks like. And there's also our help page on the RNDC website, which you can also find this information without you needing to authenticate on-through data place. I might just wrap it up there and then pass it to Simon. Thanks so much, Julia and Jesse. Hopefully that shows you the process involved very clearly and the data place tool and how that can support you. I just wanted to raise a couple of things. Data place is there to make your life easy. And a key point is that it doesn't affect any of the current data sharing agreements you have in place. They can continue as is. This is just an opportunity for the new agreements to be set up in a way that makes it easy for you to track them down the track. So as a university, you can look at all the current requests being made, where they're up to, how long they're taking, and just makes it a little bit easy for you to manage those in an ongoing way. So you can have oversight from the monitoring once the agreements are made. The other thing that we can do is it really streamlines the process and takes some of the pain out of actually going through a data sharing agreement process because it's doing a couple of things. It is asking the relevant questions, so being clear about what we need to know to set this in place. And it can be used for all of your requests of the data for government, whether it's under the data scheme or whether it's the data sharing similar to what you're already doing. And if you request information of one agency or there's multiple custodians involved, you can do it all through the one request rather than having to do a new request because that's not the agency that has the data. So that just makes it a little bit streamlined from your perspective. And it also would generate automatically a data sharing agreement based on the information you've provided about the project. So it just means the first draft of the data sharing agreement is automatically generated. It means all agencies, government agencies across Australia are using the same clauses and the same approach. And so it just builds that consistency so it's not something different every time. So we're really hoping there's some benefits to universities in working through data place. And thanks so much for that excellent demonstration. I'm just going to hand over to Simon Galant, who's a key member of our team who heads a stakeholder and engagement branch and he'll just be talking through the next steps of, and where we're up to with the data scheme rollout. So I'll hand over to Simon. I'm going to jump here. Simon, let's see. Thanks, Susan. Hi, everyone. Just quickly run through what we see the operations of the scheme looking like over the next few months. You can see from this slide that we've been working pretty hard on engaging across all our spheres of participants, particularly the government, Australian government and the university sectors. The scheme is now well and truly open for business with everyone being able to apply as of the 1st of August this year. So if your organization is keen to apply, you can now definitely do that. There are no timeframe barriers there. To help you get informed about what you need to do, we're continuing to run information sessions. There's some high level ones that are suitable for anyone who just wants to get a bit of background on the scheme and then we run our long sessions not dissimilar to this one on how to get accredited and we'll be standing up some soon on developing data sharing agreements and some of the more complex parts of the act. We've also just wrapped up our first round of public consultation on some subordinate legislation, so ministerial rule on accrediting integrating authorities and data service providers, as well as our public consultation on our data code, which is the code of practice for how we apply data sharing principles and manage some issues around privacy. And there'll be some more, there's more consultation now on the register of accredited data users and the evidence that we require for users and service provided accreditation. Susan's mentioned data place a few times and Jesse gave you a run through how you use data place to apply for accreditation. Data place is an ongoing piece of work that we're still developing. We'll be working on, or we are working on how to get organizations actually making data sharing requests and coming up with data sharing agreements at the moment, hoping to release that functionality towards the middle and end of October. And then there's another nearly two years of funding that we've got to progressively improve and enhance data place. So if it's the sort of tool that your organization is interested in using, it's a really good opportunity to get on board early and help us understand what the requirements that our users really are going to be going forward. Lastly, one of the things we haven't spoken about much today is the data inventories program where we're discovering agency data assets across the APS. So in August, we'd already initiated 15 projects to create data inventories across the public service. I think we've already got four or five more now just in September. And we're starting to begin the development of this searchable Australian data catalog based on some user research that we're doing. We're expecting to have more than 20 data inventory projects underway by the end of this year and a beta version of the catalog towards the middle of next year. So those inventories will give anyone who wants to opportunity to search through lists of the data assets helped by Australian government agencies and search the catalog for those. That'll include information on how to request access to those data assets, particularly if you're an accredited user under our scheme and using data place to make that request. And that brings us pretty much to the end of our presentation and I will open up to questions. And there's many of us here in the room so you can ask any kind of question you'd like to and we will answer as best you can. If we maybe start by taking questions in the chat and I can pass them on so we get a sense of how many questions we're going to get. And while people are putting questions into the chat, thank you very much. And thank you also very much for juggling technology and taking turns behind the screen. I can imagine that security sometimes can add an extra complication in presenting. It was a great presentation and really interesting. So it gave a really useful overview. So how are we going for questions in the chat, Nicola? Nothing I can see as yet. Getting some music, yeah. Apologies. No, it was lovely and it gave us time to think. Thanks for the music for you there. It was brilliant, very effective. Where can we find more guidance on the various roles relevant for user accreditation? Has this been developed or still to come? There's a couple of places. One is when you go into data place, there's actually some information there that will help you through the steps in the process to become accredited. And the second place is our website. Do you want to tell people the address? Which we can put in the chat. datacommissioner.gov.au And there is quite a lot of information on that website and pointing through to data place to find out information about those roles. Is it alright if I ask a clarifying question? Yes, on your question there, the various roles needed to get accredited. So the criteria specifically focuses on a requirement to have an individual within your organisation who is responsible for data governance and management within your organisation. And so you'll need to demonstrate that that person exists in your organisation, that they're in a reasonable position to lead your organisation in that role. And part of the requirement is that they are qualified to do that. So there's an element where we need to know a bit about that individual that comes through in the application form. Apart from that, to be accredited, that we don't need to know anything more about specific individuals, that just that your organisation has those appropriate data governance and management touch structures in place. And it could be committees as well. Thanks, Julia. And Jesse's just put the link in the chat so you can find the information on the website. But also, of course, we're here to help. So give us a call, send us an email. We're here to help you get through the process and make it as fast and easy as possible. Awesome, thanks. Okay, the next question. Is there a specific order that universities need to get accredited, i.e. user first and then data service provider? No, not at all. And what we're working to do is to streamline that so you could apply for both at the same time. Obviously, the standard of data capability and data security that's required to be a data user is not as high as it would be for a data lab kind of situation. So it is a faster process to become a data user than it is to actually become an accredited data service provider. So if you wanted to stagger it, your user accreditation will likely come through first. And just to make clear too that they are two very separate roles, the user accreditation allows you to receive and use an access data under the scheme and then ADSP is an expert intermediary to allow that data sharing to occur. So each data sharing agreement must have a data custodian and a data user, but an ADSP is an optional participant within the data sharing. Okay, thanks. How does external collaboration take place with those who do not have a user accreditation? I, Australian collaborators and overseas collaborators? That's a good question. So at the moment, our data scheme is limiting in terms of its participation just to be Australian government, state and territory government and Australian universities. Now, that doesn't mean that we can't involve researchers from outside of those boundaries. So as long as an Australian university is taking the lead on that. So for a particular data sharing project, just as you have now, you can have people from outside the university participate on your team. But for example, if it's a foreign national researcher, they'll go through an additional level of scrutiny as part of signing off on that project by the data custodian. So, yes, there are ways. And we can also have the private sector participate in a contractual way with the university. So there are ways to have that happen, but essentially the university will be the lead and taking the risk for that project. Oh, thank you. Will data place eventually be the only way to access APS data? Absolutely not, but we're hoping it'll be the easiest way. It doesn't affect your existing mechanisms. We just know that some of those haven't been as easy as they could be, and we're hoping this will significantly speed things up and simplify the process from a data user's perspective. Well, thanks. Okay, great overview. Thanks, Mrs. Persson. Do you have a feel for how long the accreditation review process will take? What's an application has been submitted? Yeah, we're aiming for it to be close to six weeks. Of course, that depends on... There'll be a stop the clock kind of process if we don't have the information required to make the assessment. But what we're trying to do is make it as easy as possible. But thank you for everything that you have readily available now and then tell you if we need anything further. So we're trying to make it as streamlined as possible and use documentation that already exists and that the data users already have. But to date, we haven't actually completed an application, so we'll be having a much better idea of how long it takes once we've done a few. So, yeah, we don't think it's going to be an overly time-consuming process from your side or our side. Fantastic. Is data available to university students, PhD or higher-degree students? Do you want to answer that one? The short answer is yes, if they're part of a project that's being led by a professor or a key researcher who is an employee of the university. But the university's requested that we didn't allow access to all students just because obviously they're taking responsibility for the students and if they were to lead a project on their own. But they certainly can be part of a research project that the university is leading. Yeah, I wouldn't have anything more to add to that, Susan. Thanks. There's a specific part in the Act section that talks about designated individuals which covers that off, but that's about, yeah. Sure, thank you. Okay, knowing some government groups have commercial partners who assist in maintaining or hosting data and others may still be setting up technology to share this data. Will there be information on costs or technology needed to access associated with the data sets in the data inventory or discovery platform? That's an excellent question. Thank you. From the cost perspective, we are setting up some guidance on agencies being able to recover their costs for the time it takes them to share that data. So this is a fee that's just offsetting the resourcing it's taking them to deliver on that data sharing agreement. And it can include the time it takes to set up the agreement to actually share the data and to manage it in an ongoing way. But it's not to make money from that. It's just really a cost recovery piece. And the other part of the question, Simon, do you want to answer that? Because I didn't catch it all. So the question, Susan, goes to whether there's information on technology needed to access these being captured through the data discovery program. And I think the short answer to that is no, we're not building out a comprehensive list on how you would access each individual data set through the discovery program. But we will be providing contact details for the custodians of those devices. Yeah, that's exactly right. Thank you. Great. So next person says, so I realize I'm jumping way ahead of myself here. But in terms of the information or answers that we put in the accreditation, a lot of that detail is likely to change over time as universities change and improve their systems. What are the expectations on regular or ad hoc updating of that information or reaccreditation processes? That's a great question. Thank you. Julie, do you want to answer that? Yeah, sure. I can answer that. So for ADSPs, there is a renewal process that needs to occur every five years for user accreditation. Once you're accredited, you remain accredited. And there's a, for both types of accreditation, there is a requirement to update your circumstances in relation to that accreditation regularly. At this point, we, as Susan said, we haven't accredited anyone at this stage. So we're still waiting to get a few more applications in and get a feel for exactly what kind of things we need to be updated for and what kind of time frames we'd expect those updates to come through. Certainly things like change of organization ownership, for example, that would be something that we would, you know, need to know as that kind of occurs. However, some other things could probably wait a little bit longer. So we'll come out with more guidance. Just to have fun, from a university perspective, we're very familiar with the effort required to keep ethics approvals up to date. And we're really trying to simplify this as much as we can. That the actual accreditation might be annually as opposed to every time something specific changes. So we will set some guidance on that, but we are very conscious of not putting a work burden on universities unnecessarily. Brilliant, thanks. There is, was a process for people accessing sensitive ABS data. Is that now replaced by this new accreditation process? No, not at this stage. We're really not affecting any of the existing arrangements under way. But you know, that's a great question and maybe there's an opportunity to align those processes down the track. But I know the ABS is certainly looking at using some of our tools and systems like Dataplace to, for some of their data sharing to make things consistent and steady moment as well. Great, thanks. Are Anchris capabilities included in the permissioned list of participants as users or data service providers? Can you answer that one for us, Simon? The answer is it probably depends. So the organisations that are able to become users or service providers are Australian government, State and territory government and Australian universities. So it's my understanding that different Anchris facilities have different corporate governance structures. So an Anchris facility that was entirely hosted by a university could be covered by a university's accreditation. But an Anchris facility that's a government-owned company limited by guarantee or something might not be able to. So it's probably a case by case basis on those things. Thank you. Okay, what is the place of data outputs in the scheme? These may include some data sourced under the scheme, but that would be combined with other data brought to the process by the uni. What are the options for who can be the custodian? Can they be exited from the scheme for publication? Great question. And again, to use Simon's phrase, it will depend on the particular data-sharing project. As an example, there may be a complex data integration project that is using sensitive personal information. But then the products that exit the scheme might be de-identified reports. And so that will be appropriate in that instance. What cannot exit the scheme is the sensitive or personal information. Do you want to add to that, Simon? Sure. So when we're talking about custodianship, all scheme data has to remain, the custodian of that data has to remain the original data custodian unless it formally exits the scheme. And as Susan said, where there's particular sensitivity to that, it's very unlikely that the entirety of that data set would ever be allowed to formally exit the scheme unless there was some pretty significant controls put around how it exits the scheme. But certainly, yes, we expect data to be exiting the scheme for publication, especially around research. That's right. And aligned with the data-sharing agreement, so just as it is now, the rules for that will be set on a project-by-project basis by the data-sharing agreement. That makes sense. Given a uni's level of data management maturity and resources available, would it be better to apply regardless of level of maturity or to wait until a certain capability and capacity is reached before applying? I guess we think apply now, because then your university has access to the data. We think that almost all of our Australian universities have the built-out radar level that they would be able to achieve accreditation at a data user level. And if not, we're here to help you get there. So we're trying to make sure we have the right capabilities in place, but we don't think from an Australian university perspective, it's a very high bar. And the other option is we can credit with conditions, which, again, are safeguards to respect the level that you're at in maturity as an organisation. And the other thing we can do is credit parts of the university, for example, not the whole university research teams don't all have to be at the level of an ADSP, I'm sorry, an accredited data service provider for that university to be accredited. It could be just a team within that university. So there's sort of ways to make that fit for purpose. Great, thank you. So that was our last question, but we have just a few more minutes if anyone has anything else that's come up. Otherwise, I will hand us back the case. Yes, so there was one question that, as I was listening to the presentation, and I was quite curious about, and this might be a little bit further down the track. But especially when looking at the ADSP as being accredited as a data service provider, if a university is working on government data, perhaps combined with other data, and providing that as a service to others, is there then a requirement that they would be accredited as an ADSP to be able to do that into the future? That's a hard question. Thank you. It could be the case. And again, it would depend on the specific data sharing project. So I'm sorry, I can't give you a really clear answer on that. Is anyone else going to do a better job than me there? I don't think that's a properly complex question. That's a very hard question, Katie. But we're happy to help you through that on a project by project basis. So yeah, it's an excellent thought. What we're really just trying to do here is keep personal information safe and sensitive information safe, but enable it to be used for good research outcomes. So anything that fits within that criteria, we'll try to make it work. Okay, great. Thank you. I see there are two questions which have just come in. So one question is, if you can just accredit a team within a university, can just a team apply? Okay. So not for data user accreditation, it has to be at the organization level, but for accredited data service provider, I guess that the university would have to apply on behalf of that team. And the condition on that accreditation would limit the accreditation to that team. Is that right? That's right. Good. Thank you, Julia. Okay, thanks. And there's one final question. You might have already addressed that in the response to my question. If we don't anticipate providing ADSP functions as a service to all, but may do some such activities depending on the project, for example, integrating data from different sources or de-identifying information for release exit, do we need to apply as an Australian data service provider? Credited data service provider, sorry. It's a bit of a complicated question. Sorry, Keith. We were just debating among ourselves. Can you repeat the question for us? Yeah. So I think the question is really what if a university wants to provide some of the functions, but not all of the functions as an ADSP? Do you still actually need to apply as an ADSP? Yeah. So when you apply to be accredited as an ADSP, you could just have one of those three service data services as part of your accreditation. So you don't need to provide all of them. So we can accredit you just to provide, you know, for example, secure data access or something like that. You don't have to be accredited for all three of those services. And I think the other part of the question was, do you have to provide those services externally unless I misunderstood? But I think some of our existing accredited integrating authorities that will automatically transition to become accredited data service providers some of them do big, you know, and a very big range of projects like the ABS Data Lab and AIHW. But some of them are just set up to pretty much provide that service for themselves. So for example, some of our health organizations are really just doing that data service provider for their own facilities and use of their own data. So either way. If I can just add some extra legalistic stuff to this. Thank you. Thank you. There's a concept in the Act called complex data integration. So if the university is just doing data integration work for its own research projects, it doesn't need to be an ADSP for those. But once it becomes what we call complex data integration, which is where there's two or more entities controlling the data that's integrated and its unit level data and there's a number of other things that make it difficult, then there is a requirement that an ADSP is involved in the handling of that data. So there may be some cases where it's just the university and a single government entity trying to integrate data, but because of the complexity of that an ADSP accreditation might be needed to make that say. That makes perfect sense. Thank you, Simon. Thanks, Simon. I think that was very helpful. Okay. I think we've come to the end of the questions and we've come to time actually too. So thank you very much again for all the time and effort and the presentation. It was really helpful and gave a lot more insight and a lot more depth under the data scheme and what's involved. If we were happy to share the slides after this event and happy to share the recording and if we can include the links to the documentation that's required for accreditation that probably also would be useful. Thanks so much, Keith. I really appreciate you bringing a group together today and thanks to the ARDC for all your support. And to all the researchers on the line, we're really looking forward to working with you and helping you get the data you need for your projects. Okay, great. Thank you very much. Thank you. Bye-bye.