How we manage antimicrobial resistance data
HOTspots antimicrobial resistance (AMR) data from external pathology providers is managed with a focus on security, integrity, and ethical standards.
Robust cybersecurity measures and rigorous protocols ensure the data reliably supports accurate AMR surveillance and foster trust among stakeholders. This facilitates informed decisions in research, policy, and clinical practice to address one of public health’s most pressing challenges.
Data custodians
Currently, antibiotic susceptibility data is supplied to the HOTspots surveillance and response program by major pathology providers. These providers contribute data on clinical specimens tested for antimicrobial susceptibility during the surveillance period.
The data
To understand AMR in Australia, the HOTspots program collects antimicrobial susceptibility data on both invasive and non-invasive isolates of key bacterial species, including:
Acinetobacter baumannii, Escherichia coli, Enterococcus faecalis, Klebsiella pneumoniae, Pseudomonas aeruginosa, Staphylococcus aureus, Streptococcus pneumoniae, and Streptococcus pyogenes.
Data privacy
Privacy is our top priority, guided by robust policies and frameworks of CSIRO. While there are several details of how we govern privacy and cyber security at CSIRO, our Governance Policy, Privacy policy and Cyber Security principles explain how our organisation is positioned in this space and how HOTspots maintains secure, legal and ethical data usage.
As CSIRO is a Federal Government agency, the company also aligns with the Essential Eight framework of the Australian Cyber Security Centre, Information Security Manual (ISM), Archives Act 1983 (Cth) for recordkeeping and the National Health and Medical Research Council Act 1992.
Data governance
All surveillance data are managed in alignment with the CSIRO Information and Data Policy, ensuring compliance with legislative, ethical, cultural, and contractual requirements. The data are de-identified, aggregated, and securely stored.
HOTspots operates with the approval of the Human Research Ethics Committee of the Northern Territory Department of Health and Menzies School of Health Research (HREC-2018-3084) and the CSIRO Health and Medical Human Research Ethics Committee (CHMHREC 2020_090_RR). In addition, the program has been authorised under the powers of the Queensland Health Public Health Act 2005 (Section 280) in Queensland. Jurisdictional participation is voluntary, and all data provided to the program have authorisation from the respective data custodians and owners.
These approvals classify the project as low risk, as no identifying data are accessible to researchers. HOTspots are committed to adhering to all National Health and Medical Research Council (NHMRC) guidelines on data management, storage, and reporting.
The project is governed by CSIRO’s Management of Research Data policies, which require all de-identified pathology data to be retained for seven years after the project concludes (2036). This aligns with HREC guidelines for storage, retention, disposal, and confidentiality.
Security plan
To ensure data security, the HOTspots team has developed a comprehensive security plan with some key measures including:
- Data storage: Data are stored on the Australian-based Bowen Research Cloud, an internal cloud resource providing secure storage and virtual data management tools.
- Access control: Only trusted researchers with ethical clearance have access to the de-identified data.
- Encryption: Data are encrypted during storage and at rest.
- Physical security: CSIRO physical sites security is managed in accordance with the CSIRO Site Security Principals, which stipulate that all sites are maintained to a high physical security standard. Site Security Plan (SSP) and Site-Specific Operating Instructions (SSOIs) are in place. No hard copies of data or physical records will be created.
For more information about data cleaning, validation, and analysis visit HOTspots | Methodology.
For further governance and guideline details, refer to HREC Guidelines.