NSW, Victoria and ACT to link up contact tracing systems

NSW, Victoria and the ACT are set to pilot a data exchange that will allow health officials to share contact tracing data, including from airline manifests, across state and territory borders.

It is one of several recommendations put forward in the national contact tracing review [pdf], released on Friday, to help jurisdictions manage the pandemic in the absence of a vaccine.

The decentralised mechanism will facilitate the exchange of data between state and territory contact tracing systems, as well as the Commonwealth’s National Incident Room, in near real-time.

Other data, including from airline and shipping passenger information manifests and other relevant government agency databases including at a Commonwealth level, will also be made accessible.

“The data exchange would allow contact tracing teams to search, request, share and transfer case and contact tracing data between states and territories,” the review states.

“Contact tracing teams would also be able to quickly access airline and shipping passenger contact tracing information for international and domestic travel, registries of test results, and contact details from relevant government data systems.”

In the future, the exchange – which will take the form of a software-as-a-service solution – could also link up with the Australian Immunisation Register to provide a “relevant vaccine status”.

Source: Department of Health

Chief Scientist Dr Alan Finkel on Friday described the exchange as a “light touch” way of swapping data, while respecting legislative constraints, and privacy of individuals.

“The mechanism we’ve recommended … is a very light touch, but highly efficient approach,” he said during a press conference with Prime Minister Scott Morrison on Friday.

“All it does is open up a communication pathway between the digital system in one state or territory and the digital system in another, and also – where appropriate – Commonwealth government databases just for contact tracing information.”

Finkel said that the exchange, which is yet to be developed, would see requests for contact tracing information issued and responded to, but that “data never gets stored”.

“So there’s no need to reconcile two disparate databases, no large target for cyber attack, so intrinsically, and certainly, if done properly, should be very, very secure,” he said.

This is also stressed in the review, which states that “only the data exchange event data relating to request and response metadata are stored”.

It also indicates that “only data relevant to contact tracing” such as phone numbers, addresses, case interviews and diagnostic test results will be transferred.

Finkel also said the exchange was “unlikely to require legislative changes, but until the final design is done it’s not clear.

“But we’ve certainly recommended that it be built consistent with the legislative requirements at the state, territory and Commonwealth levels for privacy,” he added.

While NSW, Victoria and the ACT, as well as the Commonwealth, will serve as the test bed for the exchange, the review indicates it will be rolled out to other jurisdictions if successful.

“As we go to a more mobile society and a fully active economy, [states] need to be confident that they can share information about people who are travelling from jurisdiction to jurisdiction,” Finkel said.

“Now at the moment, the problem is not manifest, we don’t have a serious issues, but we need to be preparing.”