Personal Information

Reference

Category

Fraud

Legislation/Policy

Not Applicable

Additional Information

Guidance

A clause of this type would be included when it may be necessary for the Customer to access the personal information of individuals in order to conduct investigations into potential fraud associated with performance of the Contract.

This clause does not provide any right for the Customer to use the personal information for an unrelated purpose.

Generally, a clause of this type would not be used in isolation, but instead would be used in conjunction with complementary clauses detailing a range of fraud related requirements.
Related clauses may include:

  • Fraud Control Plan;
  • making good any Customer losses; and
  • a framework for establishing the appropriate investigation procedures into suspected incidents (i.e. the Supplier the Customer or independent party).

Option 1

This is a basic clause to require the Supplier to provide the Customer with personal information in relation to fraud.

For high risk Contracts, the Option 2 clause should be used.

Option 2

For Contracts which are assessed as having a high risk of fraud occurring and/or involve a long-term arrangement, a clause of this type may be required to provide certainty around accessing and using personal information.

Clauses

Option 1

Personal Information

  1. The Supplier agrees to provide the Customer, or its nominee, relevant information (including personal information) relating to the Supplier, its officers, employees, agents and/or subcontractors, for the purposes of preventing, detecting, investigating or dealing with a fraud or security incident relating to the Contract.
  2. When providing personal information of a natural person to the Customer under this clause, the Supplier warrants it will have obtained the consent of or provided reasonable notification to the person in accordance with the Privacy Act 1988 (Cth).

Nothing in these clauses limits or derogates from the Supplier’s obligations under the Privacy Act 1988 (Cth).



Option 2

Personal Information

  1. The Supplier agrees to provide the Customer, or its nominee, relevant information (including personal information) relating to the Supplier, its officers, employees, agents and subcontractors, for the purposes of preventing, detecting, investigating or dealing with a fraud or security incident relating to the Contract.
  2. When providing personal information of a natural person to the Customer under this clause, the Supplier warrants that it has obtained the person’s consent to:
    1. his or her personal information being provided to the Customer;
    2. the Customer disclosing his or her personal information to another Commonwealth Entity where a fraud or security incident may relate to the other Commonwealth entity; and
    3. the Customer disclosing his or her personal information to an independent investigator.

Nothing in these clauses limits or derogates from the Supplier’s obligations under the Privacy Act 1988 (Cth).



Notes

While use of this clause is optional, in contracts which are assessed as having a high risk of fraud occurring and/or involve a long-term arrangement, a clause of this type may be required to enable Fraud investigations.

Standardisation of contractual text results in efficiencies for both Parties to a contract. Before deciding whether a particular clause is appropriate, procurement officials should carefully consider the context of their procurement. Capitalised terms (unless otherwise defined) are based on the definitions in the CCS Glossary.  Definitions of any relevant defined terms may need to be added.

Clause wording may need to be changed to suit the context of a particular Contract.

Otherwise, where this clause is included, the clause wording should be used without change.

Terms that are capitalised may need to be changed to align with the Contract terminology.

Last updated: 31 July 2018