Audience
Department-wide
Purpose
This procedure outlines the responsibilities and processes for conducting surveys and managing survey data on behalf of the Department of Education (the department).
Overview
All departmental surveys must be conducted ethically and in accordance with privacy, right to information, and information security policies. This includes an obligation on employees conducting surveys to review and refer for action any survey records that may indicate specific harm or risk of harm to an individual, inappropriate behaviour, breach of the Code of Conduct, or illegal conduct.
Surveys will only be conducted if the collection of information is necessary to carry out the department’s purpose under relevant legislation, such as (but not limited to) the Education (General Provisions) Act 2006 (Qld) or the
Education and Care Services Act 2013 (Qld).
Using the department’s supported survey system – SurveyManager – meets departmental requirements on applications for information security, privacy and storage.
This procedure outlines the departmental, legislative and information security obligations survey authors and approvers must consider when conducting a survey including:
- selecting a survey application
- designing surveys
- approving surveys
- reporting and managing survey data.
Responsibilities
Survey authors are responsible for:
- choosing a survey instrument which conforms with all information security, privacy and storage policies
- ensuring that collection and management of personal information or sensitive survey data occurs in accordance with all privacy obligations
- ensuring that surveys are designed ethically and that the collection of information does not compromise the safety and wellbeing of survey respondents
- obtaining the required approval to conduct and administer the survey prior to distribution, in accordance with the approvals processes of the employee’s business unit or school
- ensuring that all use and disclosure of data occurs in accordance with information security, privacy and right to information requirements
- reviewing survey information collected for any records that indicate specific harm or risk of harm to an individual, inappropriate behaviour, or possible illegal conduct; these records must immediately be brought to the attention of the survey approver.
Survey approvers are responsible for ensuring that:
- the selected survey application conforms with all information security and privacy policies
- survey design is consistent with all privacy obligations
- the collection of information has an appropriate legislative basis and is necessary to carry out DoE’s purpose
- high-profile surveys are reviewed by the surveys team prior to distribution
(To assess whether your survey is high-profile, see the survey profile assessment (DoE employees only) and the SurveyManager (DoE employees only) OnePortal page.)
- survey data storage and disclosure adhere to all relevant legislative and data security requirements
- survey records that indicate specific harm or risk of harm to an individual, inappropriate behaviour, or possible illegal conduct are referred immediately for attention and action in accordance with relevant procedures
- the following ethical principles have been considered and incorporated during survey development:
- honest and ethical conduct in data gathering and dissemination and communication of results
- regard for the welfare, rights, beliefs, perceptions, customs and cultural heritage of individuals
- no harm or discomfort to participants
- participants are provided with information about the purpose, methods, demands and possible outcomes (including use and publication of results)
- specific agreements made with participants are fulfilled.
The Surveys team are responsible for providing:
- policy and procedure development, review and update for the department
- statistical and procedural advice relating to survey design and administration
- quality review and approval of high-profile surveys prior to distribution
- management of the SurveyManager system in the department.
For further information, see the Surveys and the Privacy Principles on the Office of the Information Commissioner website.
Process
1. Survey instrument selection
Survey authors and approvers must ensure that a survey platform is used which complies with the department's information security, privacy and storage policies.
It is recommended that surveys are conducted using SurveyManager, the department’s supported survey system. SurveyManager stores survey information on secure departmental servers and can be used to collect data classified as SENSITIVE or below. Use of SurveyManager ensures that data is stored securely in accordance with privacy and information security obligations. This may not be the case when alternative applications are used – see Surveys and the Privacy Principles. For information on how to access the SurveyManager system and related training materials refer to the SurveyManager (DoE employees only) page on OnePortal.
Where a system other than SurveyManager is used to conduct surveys, the system must be procured in accordance with the Purchasing and procurement procedure and used in accordance with the Non-departmental ICT service providers procedure. As per the Non-departmental ICT service providers procedure, the use of third-party websites and applications that host, store, publish or transfer departmental and/or personal information (even where there is 'no cost' for the service) requires cyber security and information privacy assessment via the Online Service Risk Review process (Schools only) or via the department’s Information Management Team (Corporate employees).
To view published risk reviews for alternative survey applications, see the Online Service Risk Review Catalogue (DoE employees only). Third-party services that have not been assessed by the department must not be used as they may not comply with the department’s information privacy and security requirements.
2. Survey design
When designing a survey, the survey author must give careful consideration to the purpose, the collection and intended use of data and relevant authority for collecting data.
Purpose
For every survey a clear purpose should be determined under the relevant authority and all questions, data collected and analysis conducted should relate to this purpose. The purpose will also inform privacy and consent statements, which must appear within the survey.
Approved departmental forms are NOT to be reproduced in an online form (for example using SurveyManager) without consultation with the owner of the form.
Authority
When designing surveys, survey authors must ensure that information is collected and disclosed in accordance with the department’s governing legislation and procedures including:
Use and collection of personal information
All surveys which collect personal information must include a privacy notice (seePersonal information guideline) which explains the purpose of the collection and how the information collected will be used and disclosed. Where sensitive information may be included in the survey, consideration should be given to capturing confirmation that the privacy notice has been read. Consent must be obtained and managed in accordance with the Obtaining and managing student and individual consent procedure.
If a survey author uses an application which may transfer data overseas consent must be obtained prior to the collection of any personal data, including use of contact email addresses, by making the respondent aware of the potential for overseas transfer (see Personal information guideline). Personal information must not be included in any application that may transfer data overseas without the informed consent of the individual.
Authors should also be aware that survey data collected by the department is subject to right to information legislation and may be released.
For further information, see the Surveys and the Privacy Principles on the Office of the Information Commissioner website.
3. Survey approval
All surveys must be approved before use, as per the approvals processes of the school or business unit to which the survey author belongs.
Before approving a survey, approvers must ensure that:
- alternative survey applications to SurveyManager meet information security, privacy and storage policies
- the survey design meets privacy obligations
- the following principles have been considered and incorporated during survey development:
- honest and ethical conduct in data gathering and dissemination and communication of results
- regard for the welfare, rights, beliefs, perceptions, customs and cultural heritage of individuals
- no harm or discomfort to participants
- participants are provided with information about the purpose, methods, demands and possible outcomes (including use and publication of results)
- any specific agreements made with participants will be fulfilled.
- high-profile surveys are referred to the survey team for review and approval. (To assess whether your survey is high-profile, see the survey profile assessment (DoE employees only) and the SurveyManager (DoE employees only) OnePortal page.)
4. Management and reporting of survey data
Personal information collected in a survey must only be used for the purpose for which it was collected, such as specific reporting or research, unless the individual concerned has consented to the use of the information for another purpose or an exception applies (see the Personal information guideline for details).
Survey authors and approvers have a responsibility to review survey records, including open text fields, to find any records that indicate specific harm or risk of harm to an individual, inappropriate behaviour, or possible illegal conduct. If any records of this nature are found, the proper procedure below should be followed to refer the matter for attention and action. When disclosing information as part of such a referral, decisions must be recorded (including reasons for disclosure and the information disclosed).
For disclosure relating to:
Once a survey is complete, the survey author is responsible for:
Definitions
Term
|
Definition
|
Employee
|
An employee is any permanent, temporary, casual, or contracted staff member.
Not in the scope of this procedure:
- Individuals and bodies external to the department who are surveying all or part of the department as part of their business; for example, researchers, external consultancies and professional bodies
|
Personal information
|
Personal information is any information about an individual whose identity is apparent (e.g. name, address) or can reasonably be ascertained, for example, through linkage with other datasets, a combination or precision of demographic characteristics or free text responses which identify a respondent or another individual.
|
Survey
|
A mechanism for gathering information from a predefined group of respondents, with the intention of generalising the results for reporting or other purposes.
|
Survey data
|
Any data or information collected by departmental staff using a survey instrument.
|
SurveyManager
|
SurveyManager is a secure survey platform managed by the department and is recommended for use by departmental staff. Information collected from participants is stored on secure departmental servers.
Data stored in SurveyManager systems may be regularly cleansed from closed surveys where stored longer than 12 months.
|
Student safety
|
Relates to the welfare of a student. A student safety issue exists when information suggests that the safety of a student may be in jeopardy.
|
Legislation
Delegations/Authorisations
Other resources
Superseded versions
Previous seven years shown. Minor version updates not included.
1.0 Conducting surveys procedure