Change of personal information procedures
Direction and guidance on updating employee personal information while maintaining privacy and confidentiality. These procedures are in accordance with the Privacy Act 1988, Privacy and Personal Information Protection Act 1998 and Government Information (Public Access) Act 2009.
Audience
All department employees and contractors who want to change their personal information.
Version | Date | Description of changes | Approved by |
---|---|---|---|
V01.0.0 | 05/09/2024 | Under the 2023 Policy and procedure review program, new policy document consolidating existing instructions and improving clarity and readability. | Chief People Officer |
Ongoing union consultation is occurring and amendments may be made from time to time. |
About the policy
Under the Our culture policy, the department is committed to creating open, supportive and inclusive workplaces where our people are safe, respected, included, valued and inspired to bring their whole selves to work by ensuring department policies are inclusive of staff of all ages, genders and cultures, veterans, refugees, carers, people of faith, people with disability, LGBTQIA+ people, as well as their families, where relevant.
Term | Definition |
---|---|
Gender | Part of a person’s personal, cultural, and social identity. Sometimes also termed ‘gender identity’, gender refers to the individual’s concept of self as male, female, a blend of both or neither. Gender relates to how individuals understand and describe themselves, as well as how they are recognised within the community. |
Health information | Personal information about an individual's physical or mental health or disability or the provision of health services to an individual. |
Personal information | Information or an opinion about an individual whose identity is apparent or can be ascertained from the information or opinion. |
Employees:
- maintain accurate personal information
- notify the department of any changes to personal information.
Contractors:
- maintain accurate personal information
- notify the department of any changes to personal information
- contact their agency or recruiter to change their personal information and follow the relevant process outlined in this procedure.
EDConnect:
- provide advice and support to employees making online system changes through ESS, SAP ESS
- process employee name and gender change requests and update their department User ID and email to reflect their new name
- update the employee’s legal name and/or gender across all relevant department systems and databases
- retain all documentation relating to the request in accordance with record management processes
- maintain the privacy and confidentiality of employees’ personal information.
Business units:
- establish procedures for handling change requests for employee information
- review informal requests made by employees to change personal and/or health information that is handled and controlled by the unit
- determine if it is appropriate to change employee information, ensuring that it is not incorrect, misleading or out of date
- notify employees of informal request outcomes if practical
- retain documentation relating to the request in accordance with record management processes
- maintain the privacy and confidentiality of employees’ personal information that is handled and controlled by the unit.
Legal services:
- review formal requests made by employees to change personal and/or health information
- determine if it is appropriate to change employee information, ensuring that it is not incorrect, misleading or out of date
- notify employees of formal request outcomes if practical
- take reasonable steps to make changes or to attach a statement of the change to the information
- retain documentation relating to the request in accordance with record management processes
- maintain the privacy and confidentiality of employees’ personal information.
The department:
- handles employee personal details in accordance with Information Protection Principles and Health Privacy Principles set out in the Privacy and Personal Information Protection Act 1998 (PPIPA), Health Records and Information Privacy Act 2002 (HRIPA), and the department’s Privacy Code of Practice
- maintains the privacy and confidentiality of employees’ personal information.
What needs to be done
The department collects personal information in the administration and provision of its education services.
Reasonable steps are taken to ensure that personal and health information collected from employees is not unreasonably intrusive or excessive and is directly related to the department’s functions and activities.
Employee information held by the department may include:
- personal details such as address, phone number, emergency contact details, tax file number, superannuation records and bank details
- records of race, sex, gender, marital status, and impairment of employees for equal employment opportunity purposes
- medical assessments, certificates, reports
- attendance, pay and leave records
- recruitment, promotion, appeals, transfer records
- screening and qualification records such as the outcome of criminal record checks and Working with Children Checks
- service and administrative records
- stored electronic messages
- performance and disciplinary records
- NSW Education Standards Authority (NESA) accreditation details
- training, apprenticeship, and study records
- work health and safety and workers’ compensation records.
1. Update personal details
Updating personal details will change how names and email addresses are displayed in Outlook, Teams, and communications channels.
Employees can change some personal information through the department’s online systems.
Refer to Add, update or delete your personal details – QRG (staff only) for further information.
From the Staff portal (staff only), either:
- log on to employee self-service (ESS)
- select ‘My details’
- under ‘Staff directory details’ select ‘Change Your DDS Entry’
- log in to update: preferred name, title, phone number, street address, and more.
- log on to SAP ESS
- under Employee self service select ‘Personal information’
- click on ‘Personal profile’
- depending on Security Info, the employee may receive a text or call containing a code to enter in the screen provided
- select the pen icon to edit the relevant field
- update preferred email address, title, emergency contact, date of birth, and more.
2. Change personal details in online systems for official purposes
Employees must ensure personal details used by the department for official purposes are correct.
2.1 Change personal details
To change the information the department uses for official purposes, employees must provide evidence of a legal change:
1. Contact EDConnect – either call 1300 32 32 32 or log an online query.
2. Provide supporting documents (refer to the list of accepted supporting documents below).
3. On completion, EDConnect contacts the employee to update their department User ID and email to reflect their new name, if desired.
4. The department updates the employee’s legal name and/or gender across all relevant department systems and databases, including external agencies and third-party providers, where appropriate.
Accepted supporting documents include:
- change of name certificate issued by an Australian Registry of Births, Deaths and Marriages such as NSW Registry of Births, Deaths and Marriages
- recognised details certificate that states gender, issued by an Australian Registry of Births, Deaths and Marriages
- marriage certificate issued by the NSW Registry of Births, Deaths and Marriages. If an employee was married in another state or country, a marriage certificate from a celebrant or church is acceptable. Commemorative certificates are not acceptable
- birth certificate issued by an Australian Registry of Births, Deaths and Marriages showing gender or name at birth and new name
- Australian passport showing updated gender or name at birth and new name
- divorce document showing a change of name
- deed poll registered with the NSW Registry of Births, Deaths and Marriages or equivalent relevant authority
- driver’s licence showing the updated name
- instrument evidencing change of name form that has been registered in the NSW Land Titles Office.
2.2 Support for gender affirmation
The department is committed to supporting trans and gender diverse employees. Employees affirming their gender may wish to use the Gender affirmation procedure to plan their journey.
3. Request an informal change to personal details not accessible online
An employee may submit an informal request to change personal details that the department holds which are not accessible online, such as an employee’s personal and health information.
Employees can make an informal request to change information directly to the business unit holding the personal and/or health information.
An informal request should be made in writing and include:
- the name of the person requesting the change
- a statement that the request is made under the PPIPA and/or HRIPA to change personal and/or health information
- the information to be changed
- the document(s) where the information is recorded
- evidence to support the change.
When making an informal request, employees may use the department’s Application for amendment (PDF 107 KB) form.
3.1 Managing informal requests
The business unit or school must complete informal requests within 28 days of receiving the request.
The business unit or school must:
- have procedures that clearly identify the personal and health information held and how a person can request a change
- consider whether it is appropriate and practical to make the change requested
- take reasonable steps to make a change or, if not appropriate and practical, attach a statement of the change sought to the information
- consider, if practical, whether to notify the employee of the change.
3.2 Making a decision
The head of the business unit or the principal must be satisfied that the personal and/or health information to be changed is accurate, complete and not misleading. The employee is obliged to provide evidence to support the request.
The head of the business unit or the principal must determine:
- if the request involves personal and/or health information that is incorrect, misleading or out of date
- if the personal and/or health information is being used for the intended purpose
- if the evidence provided supports the need to change the personal and/or health information
- the need to maintain the integrity of the document detailing the information and department action, reasoning or decision-making
- if the information may be required in future external investigations or has been subject to internal or external review
- whether changing the information is an attempt to change decision-making processes relating to the employee
- if the employee will be adversely impacted if the change is denied.
If an informal request is denied, employees can make a formal request in writing to the department.
3.3 Support information
Refer to the department’s Privacy standards for further information on the collection, access, use and disclosure of personal and health information.
4. Request a formal change to personal details
Employees can formally request to change their personal and health information if an informal request has been denied.
Employees may use the department’s Application for amendment (PDF 107 KB) form.
A formal request must be made in writing to Legal Services at legal.privacy@det.nsw.edu.au and include the information outlined below.
Include the following information in the written request to Legal Services:
- the name of the requestor
- the name of the person whose information is the subject of the request
- proof of identity or authority where the requestor is not the person whose information is the subject of the request
- a statement that the request is made under the Privacy and Personal Information Protection Act 1998 and/or Health Records and Information Privacy Act 2002
- a description of the information to be changed and the change sought
- reference to records containing the information to be changed, if necessary
- reason/s for the change
- evidence to support the change.
If an employee cannot understand the nature and effect of the privacy legislation, or is unable to communicate their intentions, a request may be made on the employee’s behalf by:
- an authorised representative
- carer
- legal guardian or a person legally authorised to represent the best interests of the employee.
Legal services must review formal requests for changes and ensure that employees are provided with written notification of decisions including:
- if the change is accepted, a record of the precise changes made and the identity of other people who have been notified of the changes, or an explanation if it was not feasible to notify those people
- if the change is denied, a reason for the decision, and notification of the right to have a statement attached to the information
- information on the availability of an internal review process if the employee is dissatisfied with the handling of their request.
5. Deny a request
The department may deny processing an informal or formal request in part, or in whole, if there is an exemption under the Privacy and Personal Information Protection Act 1998 and/or Health Records and Information Privacy Act 2002 that restricts the change.
The department does not need to alter personal information if:
- the information is required to preserve the confidentiality of counsellor records – for example, if an individual has been mentioned during another person’s counselling session
- it is required to keep confidential the information provided by staff or students about another student when it is considered necessary to promote and maintain a safe and disciplined learning environment
- it might adversely affect or prevent the department from handling complaints or investigative functions.
6. Review the internal process
If an employee is dissatisfied with how the department has handled their personal or health information, they can request an internal review of such conduct.
The employee must use the Privacy Internal Review Application Form (DOCX 57 KB) and once completed, email it to Legal Services at legal.privacy@det.nsw.edu.au.
Record-keeping requirements
Record | Classification | Disposal action |
---|---|---|
Records summarising the employment or service history of personnel. Includes name and date of birth. | GA28 15.4.1 Employment Service History | Required as State archives |
Mandatory tools and templates
Supporting tools, resources and related information
Policy contact
The Executive Director HR Operations monitors the implementation of this procedure, regularly reviews its contents to ensure relevance and accuracy, and updates it as needed.