CONFIDENTIALITY THROUGHOUT THE PROCUREMENT CYCLE
1. Entities undertaking procurement should be familiar with Australian Government legislation and policies relevant to confidentiality in procurement, including the Privacy Act (1988) , the Freedom of Information Act 1982 (FOI Act)  and the Australian Government Protective Security Policy Framework .
2. Throughout the procurement process, the Australian Government’s confidentiality interests must be appropriately protected.
3. When planning a procurement, entities should consider the nature of the procurement and whether it is likely to raise confidentiality issues for the Australian Government. Such issues can arise in a number of ways including where:
- potential suppliers need to have access to confidential information in order to understand the procurement and lodge a submission;
- the successful tenderer needs access to confidential information in order to fulfil the requirements of the contract; or
- the information generated as a result of performing the contract is confidential.
4. Request documentation, including any draft contract, should reflect the entity’s requirements for confidentiality and position on commercially sensitive information as assessed by the entity during the procurement planning process.
5. Entities must ensure all submissions are treated as confidential for the duration of the procurement process. Similarly, all submissions must be kept confidential after the award of the contract. However, this does not preclude the reporting on AusTender of data that may have been included in the successful submission that is in turn transferred to the ultimate contract.
6. Following the evaluation process, entities need to assess any supplier claims to confidentiality to determine whether the information should be treated as confidential. Entities should not agree to confidentiality clauses in contracts unless an assessment has determined, in accordance with this guidance, that the information to be covered by the clauses is confidential.
7. There are two broad types of confidentiality clauses used in contracts:
- general confidentiality clauses, which either restate legislative obligations for confidentiality (such as under the Privacy Act (1988)  or a secrecy provision) or set out a general understanding between the parties in relation to how they will deal with information when performing the contract; and
- specific confidentiality clauses, which protect the confidentiality of:
- all or part of the contract itself – such clauses would only be necessary where the contract needs to specify the information that the entity has determined is confidential; or
- information obtained or generated in performing the contract – such clauses can be used to protect commercial information that an entity has determined is confidential or for the protection of Australian Government material. Examples of such clauses include:
- the entity has access to the supplier’s confidential intellectual property during the performance of the contract;
- a supplier needs to have access to sensitive security information in order to perform the requirements of the contract;
- new software is created under the contract giving rise to new confidential intellectual property; and;
- the contract is for a consultant to prepare a confidential report which is expected to deal with sensitive public interest issues.
8. Confidential information should be managed in accordance with any relevant legislation and confidentiality provisions in the contract. Irrespective of the terms of the contract, disclosure of a supplier’s confidential information may be necessary in some cases, for example to a parliamentary committee.