Agencies must also observe obligations imposed by the Privacy Act 1988 in handling personal information. In particular, the Act requires agencies to take reasonable steps in some circumstances to destroy or de-identify personal information. This is particularly important where information assets that are proposed to be published or shared with others contain personal information. De-identifying that information can maximise the utility and value of the information assets without compromising privacy or confidentiality.