VIC.GOV.AU | Policy and Advisory Library

School operations

Privacy and Information Sharing

Policy

This policy provides privacy and information sharing guidance to ensure schools follow the Schools' privacy policyExternal Link when collecting, using, sharing and managing personal and health information.

Summary

  • All schools must adopt and follow the Schools' privacy policyExternal Link and include a link to it on their school’s website.
  • Following the policy will ensure schools comply with current privacy legislation and departmental policies.
  • Information on how to implement the policy is available in the Guidance tab.
  • Advice for when information can and must be shared for the wellbeing or safety of children, or to assess or manage family violence risk can be found on Child and Family Violence Information Sharing Schemes.

Details

The Schools' privacy policyExternal Link is a departmental policy which applies to all schools.

All schools must:

  • adopt and follow the Schools’ privacy policy
  • include a link to the policy on their school’s website
  • remove any previous, individualised privacy policies from their website.

In some cases, school staff can and must share personal information to promote the wellbeing or safety of children, or to assess or manage family violence risk.

Advice on sharing information of this nature is available at Child and Family Violence Information Sharing Schemes.

Definitions

Personal information
Personal information is recorded information or an opinion about a person who is identified or could be reasonably identified.

It will be considered personal information regardless of whether it is true or not.

Examples of personal information include a person’s:

  • name
  • address
  • phone number
  • date of birth and/or age.

De-identified information about individuals can become personal information if it is re-identified or re-identifiable. For example, if a sample size is very small or enough separate facts about a person are provided then their identity could be guessed.

Sensitive information
Sensitive information is a type of personal information. It has stronger legal protections due to the risk of discrimination.

Sensitive information includes information or opinion that relates to a person’s:

  • racial or ethnic origin
  • political opinions or affiliations
  • religious beliefs or affiliations
  • philosophical beliefs
  • sexual orientation or practices
  • criminal record
  • membership of a trade union.

Personal and sensitive information is regulated in Victoria under the Privacy and Data Protection Act 2014 (Vic).

Health information
Health information is a type of personal information. The sensitive nature of this information means that it has different and stronger legal protections.

Health information is information or opinion about an identifiable person’s:

  • physical health
  • mental or psychological health
  • disability.

Health information is regulated in Victoria under the Health Records Act 2001 (Vic).

Relevant legislation

Department policy providing privacy and information sharing guidance to ensure schools follow the Schools' privacy policy when collecting, using, sharing and managing personal and health information.

Reviewed 10 July 2025

Policy last updated

11 July 2025

Scope

  • Schools

Contact

Privacy Team, Knowledge, Privacy and Records Branch

Was this page helpful?