RESERVE BANK OF AUSTRALIA – PERSONAL INFORMATION DIGEST 2013 ADDRESS: 65 MARTIN PLACE SYDNEY NSW 2001 23 classes of personal information subject to the Information Privacy Principles (IPPs) are held by the Reserve Bank of Australia. Included in this total is 1 class of Personnel Records. The Reserve Bank of Australia is subject to the National Privacy Principles (NPPs) and not the IPPs in relation to records in respect of its commercial activities or the commercial activities of another entity including its records in respect of its banking operations (including individual open market operations and foreign exchange dealings). The records of the Reserve Bank of Australia which are subject to the NPPs are not included in this statement. Some of the records in relation to which the Reserve Bank of Australia must comply with the NPPs relate to banking facilities offered by the Reserve Bank of Australia to Australian Government agencies. In relation to those records the Reserve Bank of Australia agrees under its contract with the relevant Australian Government agency not to do an act or engage in a practice which would breach an IPP if done by the relevant agency. As that obligation arises under contract, rather than under the IPPs themselves, the relevant records are not included in this statement. The Bank’s auditors have access to records of personal information as required to fulfil their audit responsibilities. 1. PERSONNEL RECORDS See Appendix 1 for a description of Personnel Records held by the Reserve Bank of Australia. 2. TELLING TRANSACTION RECORDS The purpose of these records is to provide the general public with limited, central bank related banking transactions. Transactions where personal information might be sought include currency transactions. related Compliance with the Anti-Money Laundering & Counter Terrorism Financing Act 2006, requirement of ‘knowing your customer’ in relation to transactions above a certain threshold, also requires first-time customers provide additional information. This includes full name, address, former names (if applicable), date of birth, signature and also identifying numbers and expiry dates related to identification documents (such as: licence, passport, birth/citizenship certificates). Some of this information is disclosed to AUSTRAC in compliance with the legislation. The personal information on these records relates to members of the public and/or private businesses that have undertaken a central bank related telling transaction above a certain threshold. Selected Banking Department staff involved in processing and/or authorising transactions have access to this information. Banking staff may retrieve this information from the Bank’s records management system, in the event of subsequent transactions. The records are kept for a period of 7 years. The records are stored on paper and electronic media. Individuals can obtain information regarding access to their personal information from the Senior Manager, Government Client Services, Banking Department – telephone (02) 9551 9962. 3. RESERVE BANK OF AUSTRALIA OFFICERS' SUPERANNUATION FUND (OSF) The purpose of these records is to administer the Officers' Superannuation Fund. Content may include: name, date of birth, address, email address, phone number, gender, marital status and names and status of partners and children. Additionally, compliance with the Anti-Money Laundering & Counter Terrorism Financing Act 2006 requirement of ‘knowing your customer’ in relation to transactions above a certain threshold, also requires first-time customers provide additional information. This includes full name, address, former names (if applicable), date of birth, signature and also identifying numbers and expiry dates related to identification documents (such as: licence, passport, birth/citizenship certificates). Sensitive content may include: tax file numbers, physical or mental health details, family law material, disabilities and financial information, including debts. The personal information in these records relates to current members of the fund, preserved members, exited members and pensioners. The following staff have access to this personal information: Management, restricted Staff Services Unit staff and the Fund’s actuary. The information is accessed on an “as needed” basis. The records are kept for 10 years after the final payment. This information is not usually disclosed to other persons or organisations. Individuals can obtain information regarding access to their personal information by contacting the Manager, OSF Membership, Staff Services Unit Ph: (02) 9551 8661 or via MyOSF which is the OSF’s secure website for members (See Section 17). The records are stored on paper and electronic media. 4. FIREARMS REGISTER The purpose of these records is to record staff training and accreditation to carry firearms if required in the course of their duty. Content may include name, address and test results. The following staff have access to this personal information: Management and security staff. The records are kept for 75 years from DOB. This information may be disclosed to authorised government organisations as required. Individuals can obtain information regarding access to their personal information by contacting Human Resources. The records relate to previous staff members and are stored on paper and electronic media. 5. VISITOR ACCESS CONTROL The purpose of these records is to monitor and control access of visitors and non-Bank tenants through or into specified areas. Content may include: name, organisation, organisation ID number, signature, gender and validation date. Sensitive content may include date and time of access to specific areas. The personal information on these records relates to non-Bank tenants, and visitors, including drivers from Cash-in-Transit companies. The Bank’s auditors and staff from Security Section, Facilities Management Department, have access to this personal information. In the case of records in relation to drivers from Cash-in-Transit companies, information is collected by Note Issue Department who store the information and provide access to Facilities Management Department. The records are kept for up to 7 years. This information is not normally disclosed to other persons or organisations. Individuals can obtain information regarding access to their personal information by contacting the Senior Manager (Security), Facilities Management Department or Note Issue Department in the case of records in relation to drivers from Cash-in-Transit companies Ph:(02) 9551 9130. The records that relate to visitors and tenants and are stored on electronic media. The records that relate to Cash-in-Transit drivers is stored on paper and electronic media. 6. FINANCIAL SANCTIONS The responsibility for administering Australia’s autonomous financial sanctions regime was transferred from the Bank to the Department of Foreign Affairs and Trade in March 2012. The purpose of these records was to record applications for approval to transfer funds or undertake other transactions relating to countries, persons or entities against which financial sanctions apply. Content may include: name, address, date of birth, phone number, and/or bank details of applicant and other person(s) involved in the transaction. Sensitive content may include information on the purpose of the transaction and amounts involved. The personal information on these records relates to members of the public who applied for approval to undertake transactions that may have been prohibited in terms of financial sanctions and persons to which financial sanctions apply. The following staff have access to this personal information: Management, and staff in Market Analysis Section, International Department. The records are kept for 10 years. This information is not normally disclosed to other persons or organisations, apart from the Department of Foreign Affairs and Trade (DFAT) and/or the Australian Federal Police (AFP). Individuals can obtain information regarding access to their personal information by contacting the Senior Manager, Market Analysis Section, International Department Ph: (02) 9551 8450. The records are stored on paper and electronic media. AUSTRALIAN PAYMENTS CLEARING ASSOCIATION 7. The purpose of these records is to detail operations of the Australian Payments Clearing Association (APCA) with regard to the administration of crisis communications with individual staff of APCA member institutions and COIN service providers. Content may include: name, work telephone number, email address, home or mobile telephone number. Sensitive content may include: home telephone number. The following staff have access to this information: Payments Settlements Department staff. The records are kept for 7 years. Name and work telephone number is disclosed to other APCA members. Individuals can access their personal information by calling the RITS Help Desk. The records are stored on electronic media. RESERVE BANK INFORMATION AND TRANSFER SYSTEM (RITS) 8. The purpose of these records is to identify individual staff of RITS member institutions: • for users of RITS - in order to issue PKI credentials for RITS user authentication and digitally signing on-line transactions; • to contact institutions with regard to RITS (including the Low Value Clearing Service and Low Value Settlement Service); and • to contact institutions concerning payment system incidents (high value and retail systems). Content may include: name, work telephone number, email address and for some users home or mobile telephone number, and signature. The following staff have access to this information: staff in the Payments Settlements Department and Audit Department. RITS user records are kept for 7 years. For other contact information, only current contact information is retained by Payments Settlements Department. Name and work telephone number is disclosed to other RITS members. Individuals can access their personal information by calling the RITS Help Desk. The records are stored on paper and electronic media. 9. DAMAGED BANKNOTE CLAIMS The purpose of these records is to track the receipt of claims sent to the Bank in relation to damaged, incomplete or contaminated banknotes and enable payment to be made to claimants. Content may include: the name of claimant, address, phone number, account/BSB information, signature, and the name/signature of financial institution staff. The personal information in these records relates to members of the public and staff of financial institutions and private businesses that have made a claim on the Bank for damaged notes. Compliance with the Anti-Money Laundering & Counter Terrorism Financing Act 2006 may require some claimants to provide additional information. This may include identifying numbers and expiry dates in identification documents (such as: licence, passport, national ID card, birth/citizenship certificates). Some of this information is disclosed to AUSTRAC in compliance with the legislation. The following staff have access to the information: selected staff in Note Issue Department and National Note Processing and Distribution Centre staff who are involved in the processing of claims. The records are kept for an indefinite period. The records are stored on paper and electronic media. Individuals can obtain information regarding access to their personal information by contacting the Reserve Bank’s Privacy Officer. 10. COUNTERFEIT EXAMINATION LABORATORY Under the Deed of Agreement between the Reserve Bank of Australia and Australian Federal Police on collaborative working arrangements relating to the storage and examination of counterfeit banknotes, details are recorded in relation to suspect banknotes submitted to the Reserve Bank of Australia’s Counterfeit Examination Laboratory. Content may include police or organisation name, name of individual, address, phone number and information surrounding the reasons for submitting the suspected counterfeit banknote. Sensitive content may include details of criminal convictions, criminal intelligence, bank account details and any other information contained in police incident reports. The personal information in these records relates to members of the public and police, financial institutions and private organisations that have submitted a suspected counterfeit banknote for assessment. The following staff have access to the information: selected Note Issue Department and Australian Federal Police staff who are involved in the assessment of suspected counterfeit banknotes. The records are stored on paper for a period of at least 90 days after initial submission for assessment. The Reserve Bank of Australia stores electronic records of basic personal information relating to individuals submitting suspected counterfeit banknotes for an indefinite period. This information is not usually disclosed to persons or organisations other than the Australian Federal Police or other enforcement bodies. Individuals seeking to obtain information regarding access to their personal information should contact the organisation to whom they surrendered the suspected counterfeit banknotes. 11. CONFIDENTIALITY DEEDS The purpose of these records is to accurately identify those persons who have signed, or are named in, confidentiality deeds or non-disclosure agreements with the Reserve Bank of Australia in relation to a range of arrangements and activities including research and development activities conducted on behalf of or in conjunction with the Reserve Bank, tenders and engagement with external service providers. Contents may include: name, address, employer and position title for those individuals. The personal information on these records relates to persons involved in specific activities that the Bank conducts with external organisations, where the persons are employed. The following staff have access to the information: selected staff involved in the relevant activities. The records are kept for an indefinite period. The records are stored on paper and electronic media. This information is not usually disclosed to other persons or organisations. Individuals can obtain information regarding access to their personal information by contacting the Head Scientist, Note Issue Department Ph: (03) 9303 0384in relation to research and development activities, the Chief Manager, Staff Services Department , Phone: (02) 9551 9005 in relation to arrangements with the Staff Services Unit and the Reserve Bank’s Privacy Officer in relation to other arrangements. 12. SUPPLIERS, CONSULTANTS, SERVICE PROVIDERS, GOVERNMENT AGENCIES AND PROFESSIONAL AND BUSINESS ASSOCIATES The purpose of these records is to ensure that contact details of individuals who are, or who are employed by, suppliers, consultants, services providers or professional or business associates are available to certain RBA staff in order to fulfil their responsibilities, including confirming that individuals have the authority to legally bind their organisation. These records would include for example, contact details of officers and employees from financial institutions, professional associations, media organisations, government agencies, central banks, consultants, service providers and suppliers. Included in these records are contact details for key individuals in both Australian and overseas organisations held for the purpose of emergency or crisis management or to facilitate working groups. These records may also include details (name, address, banking details) held to make honorarium payments, etc. to individuals. Contents may include: name, title, company name, address, telephone (including fax and mobile), and email contact details and Powers of Attorney or other signing authorities held by the individual. Sensitive content may include: Personal contact details, details relating to high profile individuals. The records are kept for an indefinite period and updated regularly. The records are stored on paper and electronic media. This information is not typically disclosed to other people or organisations. However, in the case of personal information collected from working groups consisting of a number of organisations, contact details are shared across these organizations with restricted access. Individuals would not usually request access to this information but they can seek access to, or update, their information by contacting the Department within the Bank with which they typically deal. 13. LIAISON, PANELS, COMMITTEES AND SURVEYS The purpose of these records is to maintain a list of contacts for the Business Liaison Program, for liaison with other government agencies, .to conduct surveys (such as the rural debt, bank fees and hedging surveys), for various committees and panels that the Bank convenes or chairs, such as the Australian Foreign Exchange Committee and the Small Business Finance Advisory Panel. Content may include: the name of the company, name of the contact, position held in the company, personal telephone contact number, fax number, email address, company website address, postal address, industry category, history of contact details, and the activities undertaken with the company. The records are stored on electronic media. The following Bank staff have access to the Business Liaison Program information: selected Economic Analysis staff involved in or providing support to the Business Liaison Program who have signed a confidentiality agreement. Staff in Financial Markets Group (FMG) have access to the contact details for those involved with the panels, committees, surveys and general business liaison that FMG regularly conducts. The records are updated regularly and held indefinitely, until deleted at the request of a company or the Bank. This information is not typically disclosed to other people or organisations. The list of members of the Small Business Finance Advisory Panel and the Australian Foreign Exchange Committee, and their affiliations, are published on the Bank’s website. Individuals would not usually request access to this information but they can seek access to, or update, their information by contacting the Department within the Bank with which they typically deal. 14. BIOGRAPHICAL AND PERSONAL INFORMATION ON CURRENT AND FORMER MEMBERS OF THE RESERVE BANK BOARD, THE PAYMENTS SYSTEM BOARD AND THE AUDIT COMMITTEE The purpose of these records is to be able to contact, and to publish certain information about, current and former members of the Reserve Bank Board, the Payments System Board and the Reserve Bank Audit Committee. The information of current Board and Audit Committee members is used to co-ordinate the arrangements for the monthly Reserve Bank Board meetings, quarterly Payments System Board meetings and meetings of the Audit Committee. Contents may include names, addresses, dates of birth, current occupation details and details of other directorships. Sensitive contents may include: home addresses and phone numbers. The following staff have access to this information: Governor and Deputy Governor, and their PAs, Secretary and Deputy Secretary, Board Section staff in Secretary’s Department and Staff Payments. The records are kept up-to-date and old records destroyed. Individuals can obtain information regarding access to their personal information by contacting the Senior Board Officer, Phone: (02) 9551 9740. The records are stored on paper and electronic media. 15. BIOGRAPHICAL AND PERSONAL INFORMATION ON CURRENT AND FORMER MEMBERS OF THE BOARD OF THE RESERVE BANK HEALTH SOCIETY AND THE TRUSTEES OF THE OFFICERS’ SUPERANNUATION FUND The Bank provided secretariat services to the board of directors of Reserve Bank Health Society Ltd (RBHS) until 1 January 2013. The Bank holds records of current and former Board members’ personal details. The Bank also provides secretariat services to the Trustees of the Reserve Bank of Australia Officers’ Superannuation Fund and holds records of Trustees’ personal details to enable it to carry out these secretariat functions. Contents may include names, addresses, dates of birth, current and past occupation details and details of other directorships. Sensitive contents may include: home addresses and phone numbers. The following staff have access to this information: selected SSU staff who provide services to the RBHS and the OSF Board of Trustees. The records are kept for an indefinite period. Individuals can obtain information regarding access to their personal information by contacting the Manager, Staff Payments, Phone: (02) 9551 9030 or the Senior Manager, OSF Section, Phone: (02) 9551 9626. The records are stored on paper and electronic media. 16. BIOGRAPHICAL AND PERSONAL INFORMATION ON CURRENT AND FORMER MEMBERS OF, AND INDIVIDUALS INSURED BY, THE RESERVE BANK HEALTH SOCIETY The Bank provided administrative services to the Reserve Bank Health Society Ltd (RBHS) which involved maintaining records on members of RBHS from its establishment in 1959 until May 2011. The purpose of these records is to store information about the members and other individuals covered under the member’s insurance policy to enable the RBHS to comply with legislative and regulatory requirements and historical records relating to memberships. Contents may include names, addresses, dates of birth, member numbers, Medicare numbers, past health insurance details, health related information, health insurance claims received and paid, bank account details, power of attorneys, correspondence with members. Sensitive contents may include: home addresses and phone numbers, Medicare numbers, past health insurance details, health related information, health insurance claims received and paid, bank account details, powers of attorney, correspondence with members. The following staff have access to this information: selected Staff Payment staff who provide services to the RBHS. The records are kept for an indefinite period. These records are shared with Lysaght Peoplecare Limited (appointed by RBHS to provide administration services to it) from time to time. Individuals can obtain information regarding access to their personal information by contacting the Manager, Staff Payments, Phone: (02) 9551 9030. The records are stored on paper and electronic media. 17. SECURE RBA WEBSITES The purpose of these records is to allow relevant individuals secure access to certain secure websites or databases. These include RBA Minutes, RBHS Board, ResLInk, MyOSF, ID Returns and Traces databases. Content may include first name, surname, address, email, phone number, secret question and answer. In addition, MyOSF content may include date of birth, gender, marital status and names and status of partners and children. The records are kept for an indefinite period. This information is not typically disclosed to other people or organisations. Individuals would not usually request access to this information. Individuals can obtain information regarding access to personal information by contacting the administrator of the system in question or by contacting the Department within the Bank with which they typically deal. 18. MAILING LISTS The purpose of these records is to provide a distribution list of persons who have indicated they wish to receive information or publications from the Bank. Content may include: names, email addresses, postal addresses, telephone and facsimile numbers. The personal information relates to individuals who want to receive information or publications from the Bank. The records are kept indefinitely or until a person asks to unsubscribe to the list. The records are stored on paper and electronic media. This information is not typically disclosed to other people or organisations. Individuals would not usually request access to this information. However individuals can obtain information regarding access to their personal information, or update their personal information, by contacting by contacting the Department within the Bank which distributes the publication. 19. COUNCIL OF FINANCIAL REGULATORS – CONTACT DETAILS The purpose of these records is to provide a list of contact details for senior staff from the four member agencies of the Council of Financial Regulators: Reserve Bank of Australia, the Australian Prudential Regulation Authority, the Australian Securities and Investments Commission, and The Treasury. Content may include: name; position; work phone number; work email address; mobile phone number. The personal information on these records relates to: agency heads, senior executives and personal/executive assistants from the Reserve Bank of Australia, the Australian Prudential Regulation Authority, the Australian Securities and Investments Commission, and The Treasury. The records are maintained on an ongoing basis. Information is deleted from the records when individuals are no longer in the relevant positions. The following Reserve Bank staff have access to this personal information: Level 5 and above staff and the Personal Assistant within Financial Stability Department; the Assistant Governor for Financial System Group and his/her Personal Assistant; Staff within the Governor’s Office and the Personal Assistant within Financial Markets Group. This information is also disclosed to select staff working in the Australian Prudential Regulation Authority; the Australian Securities and Investments Commission and The Treasury via the govdex website managed by the Department of Finance and Deregulation. Individuals can obtain information regarding access to their personal information by contacting the Personal Assistant, Financial Stability Department on (02) 9551 8511. The records are stored on paper and electronic media (including on the govdex website managed by the Department of Finance and Deregulation). 20. TRANS-TASMAN COUNCIL ON BANKING SUPERVISION – CONTACT DETAILS The purpose of these records is to provide a list of contact details for senior staff from the six agencies on the Trans-Tasman Council on Banking Supervision: Reserve Bank of Australia, the Australian Prudential Regulation Authority, the Australian Securities and Investments Commission; Australian Treasury; Reserve Bank of New Zealand; and New Zealand Treasury. Content may include: name; position; work phone and fax number; work email address; mobile phone number. The personal information on these records relates to: agency heads, senior executives and personal/executive assistants from the Reserve Bank of Australia, the Australian Prudential Regulation Authority, the Australian Securities and Investments Commission, Australian Treasury, Reserve Bank of New Zealand, and New Zealand Treasury. The records are maintained on an ongoing basis. Information is deleted from the records when individuals are no longer in the relevant positions. The following Reserve Bank staff have access to this personal information: Level 5 and above staff and the Personal Assistant within Financial Stability Department; the Assistant Governor for Financial System Group and his/her Personal Assistant; staff within the Governor’s Office and the Personal Assistant within Financial Markets Group. This information is also disclosed to select staff working in the Australian Prudential Regulation Authority; the Australian Securities and Investments Commission, Australian Treasury, Reserve Bank of New Zealand, and New Zealand Treasury via the govdex website managed by the Department of Finance and Deregulation. Individuals can obtain information regarding access to their personal information by contacting the Personal Assistant, Financial Stability Department on (02) 9551 8511. The records are stored on paper and electronic media (including on the govdex website managed by the Department of Finance and Deregulation). 21. CORE AND CENTRAL BANKING ACTIVITIES The purpose of these records is to authenticate instructions from authorised persons who can operate accounts provided by the Reserve Bank as part of it’s core central banking functions to the Commonwealth, state or territory government, overseas official institutions or another central bank. Content may include: full name, address, former names (if applicable), date of birth, telephone number, e-mail address, signatures and identifying numbers and expiry dates related to identification documents (such as: licence, passport, birth/citizenship certificates). The records are kept while an authority remains current; or for 7 years after it has been cancelled. The records are stored on paper and electronic media. This information is not typically disclosed to other people or organisations. Individuals would not usually request access to this information. However individuals can obtain information regarding access to their personal information, or update their personal information, by contacting the Banking Department. 22. VISITS, BRIEFINGS, GIFTS, HOSPITALITY AND OTHER BENEFITS GIVEN AND RECEIVED The purpose of these records is to monitor briefings provided by Bank staff, and the gifts, hospitality and other benefits given and received by Bank staff. Content may include: name, organisation, date and time of meeting, description of briefing provided or gift given or received, estimated value of gift and reason for gift. The personal information on these records relates to visitors to the Bank and recipients of gifts, hospitality and other benefits from staff. Staff from Risk Management Unit and individual departments where each record is kept have access to this personal information. The records are kept indefinitely. This information is not normally disclosed to other persons or organisations. Individuals can obtain information regarding access to their personal information by contacting the relevant department that collected the information. The records are stored on electronic media. 23. ‘PROTECTED INFORMATION’ AS DEFINED IN SECTION 79A OF THE RESERVE BANK ACT 1959 WHICH IS ALSO PERSONAL INFORMATION The following personal information may be collected from time to time by the Bank which is ‘protected information’ or contained in a ‘protected document’, each as defined in section 79A of the Reserve Bank Act 1959. This information is subject to strict control and is only disclosed as permitted under section 79A of the Reserve Bank Act: a) Business or professional contact details (such as name, position in organisation/title, business address (physical and/or postal), business phone, business email address and business fax) in relation to: • • the executives and other staff the Bank deals with who are employed by: o financial institutions; o other payment system participants; o clearing and settlement facility licensees and applicants; and o service providers to any of these; and executives and staff of other central banks and regulators. Note that to the extent that any of this information is publicly available, it is not ‘protected information’ within the meaning given in section 79A. This information is held by, and accessible by, staff in the Payments Policy Department. It is not typically disclosed to other people or organisations and any disclosure which does occur is in accordance with section 79A of the Reserve Bank Act. b) Contact details (along with personal views and occasionally details of financial transactions) of individuals who are customers of financial institutions and who are making submissions to consultations - typically in the context of the Payment Systems (Regulation) Act 1998 , or complaints or enquiries related to retail payment systems and regulation. This information is volunteered by the relevant individuals. This information is held by, and accessible by, staff in the Payments Policy Department. It is not disclosed to other people or organisations. c) “Large exposure’ data for financial institutions. This information is received from the Australian Prudential Regulation Authority (APRA) and accordingly is also subject to the protections in section 56 of the Australian Prudential Regulation Authority Act 1998. There are instances each quarter in which smaller deposit taking institutions report large exposures to natural persons. This information is held by, and accessible by, a limited number of staff in the Financial Stability Department. The Bank does not share this data with any third parties other than APRA. The records are stored on paper and electronic media. Individuals would not usually request access to a n y o f this information. However individuals can obtain information regarding access to their personal information, or update their personal information, by contacting, in the case of the information in a) or b), the Bank’s Payments Policy Department and in the case of the information in c), the Bank’s Financial Stability Department. APPENDIX 1 PERSONNEL RECORDS It should not be assumed that all records described are kept in a common storage facility. Separate security arrangements will typically apply, depending on the sensitivity of the information. The purpose of these records is to maintain employment history and payroll and administrative information relating to all permanent, contract and temporary staff members and employees of the Reserve Bank of Australia. Personnel and payroll The records may include any one or more of the following: (1) records relating to attendance, access control and overtime; (2) leave applications and approvals; (3) medical and dental records; (4) payroll and pay related records, including banking details; (5) tax file number and FBT declaration forms; (6) declarations of pecuniary interests, including pecuniary interest of family members; (7) personal history files; (8) performance appraisals; (9) records relating to personal development and training; (10) trade, skill and aptitude test records; (11) completed questionnaires and personnel survey forms; (12) records relating to removals; (13) travel documentation; (14) records relating to personal welfare matters; (15) contracts and conditions of employment; (16) records relating to identity checks and police and security clearances; (17) EEO Data; and emergency contact details. (18) Recruitment The records may include any one or more of the following: (19) recruitment records and candidate applications; and (20) selection reports and assessments. Other The records may include any one or more of the following: (1) records of accidents and injuries; (2) compensation case files; (3) rehabilitation case files; (4) records relating to counselling and discipline matters, including disciplinary, investigation and action files, legal action files, records of criminal convictions, and any other staff and establishment records as appropriate; (5) complaints and grievances; (6) recommendations for honours and awards; and (7) Gifts, hospitality and other benefits given and received. The Bank also retains personal information of staff in both the Business Impact Analysis (BIA) and the Business Continuity Plans (BCP). Individual departments also maintain out-of – office details for their own contingency purposes. The information is for business continuity, to enable quick contact and to give managers information to make decisions about assignment of staff in disruption situations. The BIA information is mainly for planning purposes i.e. to overcome impediments for a staff member working in a disruption. In the past it has included information on such issues as - how far will they have to go to get to work and whether can they work from home. The BCP data is about getting in contact with staff quickly. It is important the contact numbers are available to restore work processes quickly particularly when events happen overnight. Contents of personnel records may include: name, address, date of birth, occupation, staff number, gender, qualifications, equal employment opportunity group designation, next of kin, details of pay and allowances, leave details, work reports, security clearance details and employment history. Sensitive contents of personnel records may include: physical and mental health, disabilities, racial or ethnic origin, disciplinary investigation and action, criminal convictions, adverse performance and security assessments, tax file numbers, relationship details and personal financial information. In past versions of BIA there was information on name, transport method to work, distance from home, in some cases a person’s postcode, time taken to get to work, computer and internet access, whether there are dependents. This information was not collected for the BIA update 2012. The BIA data varies depending on department. Some have a limited list of managers only but some have nearly all staff listed. For the BCP there are names, contact phone numbers and in some cases addresses. Personal information on personnel records relates to current and former staff members and employees including contract and temporary staff. The following RBA staff have access to personnel records: executive and senior management, members of selection panels (if appropriate), the individual to whom the record relates and, as is appropriate, human resources staff. All staff in a department can access that department’s BIA and BCP. Staff in other departments have access to another department’s BIA or BCP if that data is required as part of their responsibilities for business continuity. Permission from the Head of Department owner is required to release personal information for this purpose. Personnel records are kept according to the applicable provisions of the General Disposal Authority for staff and establishment records issued by Australian National Archives. Historical BIA and BCP data is currently kept without a destruction date. Data is updated regularly. Individuals can obtain information regarding access to their personal information by contacting the Human Resources Department or where applicable their Head of Department. Records relate to all current and former employees of the Reserve Bank of Australia and are stored on paper and electronic media.