Commonwealth Consolidated Acts Commonwealth Consolidated Acts(1) An authorisation in Chapter 2 for an entity to share, collect or use data also authorises a designated individual for the entity to engage in conduct that is, or is part of, the sharing, collection or use, if the conduct is within the actual scope of the individual's designation.
(2) Subsection (1) does not apply to conduct of an individual if either of the following has the effect that the individual may not engage in such conduct:
(a) conditions of accreditation imposed on or applicable to the entity;
(b) the data sharing agreement that covers the sharing, collection or use.
Bodies corporate
(3) An authorisation in Chapter 2 for an accredited entity to collect or use data also authorises a body corporate that is party to an approved contract with the accredited entity to engage in conduct that is, or is part of, the collection or use, if the conduct is within the actual scope of the approved contract.
(4) Subsection (3) does not apply to conduct of a body corporate if either of the following has the effect that the body corporate may not engage in such conduct:
(a) conditions of accreditation imposed on or applicable to the entity;
(b) the approved contract;
(c) the data sharing agreement for the project to which the collection or use relates.
Access to data by designated individuals and certain bodies corporate
(5) If a designated individual for an entity, or a body corporate that is party to an approved contract with an entity, is given access to data by the entity, and the access is within the actual scope of the individual's designation or the body corporate's approved contract, giving the access is taken, for the purposes of the data sharing scheme, to be a use of the data, but not a provision of access to it.