National Cancer Screening Register

Page last updated: 20 September 2018

The Department of Health appointed Telstra Health to develop and operate a National Cancer Screening Register (the Register) to support the National Cervical Screening Program and at a later stage the National Bowel Cancer Screening Program.

What is the National Cancer Screening Register?

The Register is a national electronic infrastructure for the recording and reporting of cancer screening data for the National Cervical Screening Program (NCSP) and, at a later stage, for the National Bowel Cancer Screening Program (NBCSP).

The Register will eventually replace the existing National Bowel Cancer Screening Register currently managed by the Department of Human Services and create a single national record for participants of the NBCSP.

The Register commenced operations on 1 December 2017 to support the renewal of the NCSP. The Register has consolidated cervical screening data that was held in eight separate state and territory registers into one national register. It enables a unique national identifier to create one record for each participant and a regular feed of demographic status updates. It also facilitates the identification of people who have never screened, meaning for the first time, invitations can be sent to improve participation for these groups.

The Register currently supports the NCSP by:

  • Maintaining a national database of cervical screening records
  • Holding a single, consistent, national cervical screening history for each participant Inviting eligible persons to commence cervical screening when they turn 25 years
  • Reminding participants when they are due and overdue for cervical screening
  • Providing a participant’s cervical screening history to laboratories to inform screening recommendations
  • Providing a ‘safety net’ for participants who are at risk and have not attended further testing, by prompting them (and the healthcare providers) to have follow up tests

The Register is built in accordance with strict data security requirements and complies with all legal requirements applicable to the processing of and access to Health data. The Register is also underpinned by the National Cancer Screening Register Act 2016 which ensures protection of invitees’ and participants’ Personal Information.

The Register will also provide the platform for additional screening programs in the future.

For more information about the Register call on 1800 627 701 or visit the Register’s website.

Privacy Impact Assessment for the Register

A Privacy Impact Assessment (PIA) was undertaken in consultation with the Office of the Australian Information Commissioner to assess the information flows and privacy concerns that might arise from establishing and operating the Register.

The PIA was finalised in December 2016 and made 28 recommendations in the context of potential privacy compliance and management issues, including measures to be undertaken as part of implementing the Register.

The Department has accepted all 28 recommendations and is currently planning the implementation of the recommendations.

PDF version National Cancer Screening Register Privacy Impact Assessment (PDF 1548 KB)

Word version National Cancer Screening Register Privacy Impact Assessment (Word 6414 KB)

Frequently asked questions

The Register is a national electronic infrastructure for the recording and reporting of cancer screening data for the National Cervical Screening Program (NCSP) and, at a later stage, for the National Bowel Cancer Screening Program (NBCSP). For more information about the Register, visit the Register’s website.

The Register currently supports the National Cervical Screening Program (NCSP) by:

  • Maintaining a national database of cervical screening records
  • Holding a single, consistent, national cervical screening history for each participant Inviting eligible persons to commence cervical screening when they turn 25 years
  • Reminding participants when they are due and overdue for cervical screening
  • Providing a participant’s cervical screening history to laboratories to inform screening recommendations
  • Providing a ‘safety net’ for participants who are at risk and have not attended further testing, by prompting them (and the healthcare providers) to have follow up tests

The Register uses Medicare Enrolment data, Department of Veterans' Affairs data and certain Medical Benefits Schedule claims data for invitation purposes.

The Register will also eventually support the National Bowel Cancer Screening Program (NBCSP) that is currently managed by the Department of Human Services.

The Commonwealth Department of Health is the custodian of the information in the Register and has contracted Telstra Health to build and operate the Register.

No. Telstra (including Telstra Health) are only permitted to use your Personal Information for the purposes of the Register to support the National Cervical Screening Program.

The Register is being implemented in partnership with state and territory governments, and will be overseen by a number of governing bodies managed by Health and with the required clinical and data expertise. Operation of the Register will be strictly informed by evidence-based program policies and protocols: developed through the screening programs’ governance structures, including the Australian Government, state and territory governments, the Australian Institute of Health and Welfare and key clinical experts.

The Commonwealth Department of Health takes your privacy very seriously. The National Cancer Screening Register will collect or use your information in compliance with the Privacy Act 1988 (including the Australian Privacy Principles) and the National Cancer Screening Register Act 2016 (the NCSR Act).

You can read the full privacy policy at the Register’s website.

In addition to the legal requirements for protecting privacy, the Register operates in accordance with strict Australian Government security policies and guidelines. Only authorised personnel have access to information held in the Register and this is monitored for authentication credentials upon access.

Your information in the Register is stored within Australia in secure data storage facilities.

The National Cancer Screening Register Act 2016 (the NCSR Act) provides the legislative framework to safeguard protected information in the Register by prohibiting its use and disclosure for purposes outside the requirements to operate the Register; and creating an offence arising from the unauthorised recording, use or disclosure of Personal Information contained in the Register. The legislation also requires notification to the Australian Information Commissioner if there is a data breach.

Yes. The requirements for the Register include that Telstra Health must comply with and adhere to the stringent controls of the Commonwealth Protective Security Policy Framework (PSPF) at all times. The PSPF provide mandatory requirements to:

  • manage security risks to their people, information and assets
  • provide assurance to the government and the public that official resources and information provided to the Register are safeguarded
  • incorporate protective security into the culture of the Register.

In addition the Register will, at all times, comply with the Information Security Manual and the National Identity Security Strategy.

No. The Register is operated from within Australia and all data is stored on-shore in secure data storage facilities. The Register’s hosting environment has been certified to Zone 2 of the Australian Government Physical Security Management Protocol. This protocol certifies that data centres implement adequate physical security controls for the purposes of storing "PROTECTED" classified information.

The Register’s operational services are based in Melbourne.

Participants of the cervical screening program are able to view and manage their Personal Information and screening status through the Register.

Participants have control over who is allowed to access it their Personal Information on the Register.

Only duly authorised and authenticated users may access the system. Healthcare providers and other authorised bodies (including state and territory health departments) are able to access protected information from the Register, including Personal Information of individuals, in order to perform functions or duties relating to the purposes of the Register. The Register has an extensive access control system that will ensure that access to functions and data is limited based on the role and functions performed by the user.

Practitioners and screening participants are not charged a fee to access their records or the system. Participants are able to view and manage their contact information and screening status through the Register free of charge.

The Register issues correspondence for the NCSP free of charge.

The Register includes a Melbourne-based call centre that provides support for Register users in each state and territory free of charge.

All Telstra Health personnel who are involved in managing or operating the Register are required to sign a confidentiality undertaking. In addition, Telstra Health personnel who have access to the Register’s data or are likely to have access to the data must possess the necessary security clearance, issued by the Australian Government Security Vetting Agency.

The Register has extensive cyber security protections so that it is not vulnerable to malware, viruses or Trojans. It is subject to IT Security compliance activities in accordance with government policies.

Yes.  The Register is logging all transactions and events, capturing the source, destination, action, identify and result of the action.  All system logs are kept and are to be retained by Telstra.

The Commonwealth will continue to be responsible for national screening policy, processes and the information captured in the Register. The Register system and its operations will be provided as a service by Telstra Health to the Commonwealth.

The Commonwealth is the custodian of the data stored in the Register. Telstra Health owns the IP associated with the Register software required to operate the Register.

At the end of the contract, the Commonwealth will be able to continue to licence the software.  This includes making it available to a new Register Operator.

Telstra Health is unable to sell or use the data in any manner not authorised by the Commonwealth - data may only be used for the purposes of the Register.