Navigate Up
This page location is:
  • The Gordon
    • Pages
      • Privacy
Sign In
Gordon
View our Facebook PageView our Twitter FeedView our Flickr ImagesView our YouTube Channel
  • Home
  • Courses
  • Short Courses
  • Areas of Excellence
  • Future Students
  • International
  • Employers
  • GTEC
  • Information Privacy Policy
You are here:  The Gordon > Information Privacy Policy

Information Privacy Policy

 
Page Content
INFORMATION PRIVACY POLICY
==========================
 
This policy and other related policies and procedures describe how
personal, sensitive and health related information is handled to ensure
privacy is maintained consistent with legislative requirements.
 
 
1.      SCOPE
 
        This policy covers personal, health and sensitive information
        collected by Gordon Institute of TAFE in relation to staff,
        prospective staff, students and prospective students.
 
2.      REFERENCES
 
        SMgt PR 5      Records Management
        SMgt PR 6      Information Privacy and Staff Records
        T&L PR 13      Care of Customer Supplied Material
        T&L PR 15      Student and Program Information and Traceability –
                       Attachment 1 Release of Student Information
        T&L PR 17      Student Excursions, Camps and Practical
                       Placement (Activity Consent Forms)
 
        External Documents
       
        Freedom of Information Act (Vic, 1982)
        Health Records Act (Vic, 2001)
        Information Privacy Act (Vic, 2000)
        Public Records Act (Vic, 1973)
 
3.      DEFINITIONS
 
        Consent
               Consent means expressed or implied consent.
 
        Health Information    
               Health Information means information or an opinion about:
 
               ·       the physical, mental or psychological health of
                       an individual, or
               ·       a disability of an individual, or
               ·       an individual’s expressed wishes about the
                       future provision of health services to be provided, or
               ·       a health service provided or to be provided.
 
               Health Information can be current information or that
               established at any time.
 
        Individual
               An individual could be an employee or prospective employee,
               a customer or prospective customer (student or otherwise)
               of the Gordon Institute of TAFE.
 
        Personal Information
               Information or an opinion (including information or an
               opinion forming part of a database), that is recorded in
               any form and whether true or not, about an individual
               whose identity is apparent, or can reasonably by
               ascertained, from the information or opinion, but does not
               include information of a kind to which Schedule 2 [of] the
               Health Records Act 2001 applies.
 
        Sensitive Information
               Sensitive Information is information or an opinion about
               an individual’s:
 
               ·       racial or ethnic origin, or
               ·       political opinions, or membership of a political
                       association, or
               ·       religious beliefs or affiliations, or philosophical
                       beliefs, or
               ·       membership of a professional or trade association;
                       or trade union, or
               ·       sexual preferences or practices, or
               ·       criminal record.
 
               All of these examples also represent personal information.
 
        Unique Identifiers
               Unique identifiers are an identifier (usually a number)
               assigned by an organisation to an individual to identify
               that individual in a unique manner for traceability within
               the organisation.
 
 
4.      POLICIES
 
        GENERAL POLICY
        ==============
 
        The Gordon Institute of TAFE is committed to meeting all of the
        legal obligations expressed in legislation relating to,
        Information Privacy covered by the following:
 
        ·       Information Privacy Act (Vic)
        ·       Health Records Act (Vic)
        ·       Public Records Act and associated legislation (Vic)
        ·       Freedom of Information Act (Vic)
 
        The Institute has developed policies and procedures aligned to the
        Privacy Principles described below and shall review the effective
        implementation of these principles to ensure the privacy rights of
        individuals are protected.
 
        PRIVACY PRINCIPLES
        ==================
 
        The Information Privacy and the Health Records Acts require the
        Gordon Institute of TAFE to store, use and disclose personal,
        sensitive and health information collected about staff and customers
        in accord with the Information Privacy Principles and the Health
        Privacy Principles described in these Acts.  
 
        The following Privacy Principles are aligned to the two sets of
        Principles set out in the Information Privacy and Health Records
        Acts and are to be used as Policy guidance by staff involved in
        the management of information.
 
        Principle 1 – Collection of Information:
       
               The Institute will only collect personal, sensitive and
               health information that is necessary to perform one or more
               of its legal functions or activities.  At the time of
               collection the individual will be advised of the reason for
               the collection of the information, the purpose for which it
               will be used, to whom the information may be disclosed, any
               law that requires the particular information to be
               collected; the consequences (if any) for the individual if
               all or part of the information is not provided; the
               individual’s right to access, and if appropriate, correct
               the information held.
 
        Principle 2 – Information Use and Disclosure:
 
               The Institute will not use or disclose personal, sensitive
               or health information about an individual for any purpose
               other than the primary purpose of collection unless the
               secondary purpose is related to the primary purpose of
               collection, and the individual would reasonably expect the
               organisation to use the information for the secondary
               purpose; or as required by law as specified in the
               Information Privacy Act.(Principle 2 of the Information
               Privacy Principles).
 
        Principle 3 – Data Quality:
 
               The Institute will take all reasonable steps to ensure the
               data it collects is accurate, complete and up to date.
 
        Principle 4 – Data Security:
       
               The Institute will take all reasonable steps to ensure the
               data collected is protected from misuse and loss, and is
               safe from unauthorised access, modification or disclosure.
               Information no longer required will be destroyed or stored
               securely (if storage is a requirement of other legislation,
               or as required by the Public Records Office).
 
        Principle 5 – Openness:
 
               The Institute will provide information to all individuals
               about the manner in which it manages the handling of
               personal, sensitive and health information. This
               information regarding management processes will be
               available to anyone who asks for it.  The Institute will
               also provide general information to any individual who
               asks, regarding the sort of personal sensitive and health
               information it holds and for what purpose, how it collects,
               holds, uses and discloses that information.
 
        Principle 6 – Access and Correction:
       
               The Institute will, unless prohibited by the requirements
               of the Information Privacy Act or Health Records Act,
               provide the individual with access to the information, or
               the opportunity to correct information held.  In some
               circumstances a request for access may need to be made
               under the Freedom of Information Act 1982.  In the event
               of a denial of access by the Institute the individual will
               have provided reasons for the denial in accordance with
               Principle 6 of either of the Information Privacy Act or
               the Health Records Act.
 
        Principle 7 – Unique Identifiers:
 
               The Institute will not collect or assign unique identifiers
               unless the collection or assignment of those identifiers is
               reasonably necessary to enable the Institute to carry out
               any of its legal functions efficiently.  These unique
               identifiers will not be shared with any other body or person
               unless the disclosure is necessary for the Institute to
               fulfil its legal obligations to the other organisation. 
               If these identifiers are collected or assigned the
               individual will be advised of the purpose for collection.
                The unique identifiers will not be used for any purpose
               other than that for which they were collected or assigned.
 
        Principle 8 – Anonymity:
 
               Identification is required to effectively manage all aspects
               of the enrolment process, results management, recruitment,
               security, general operational and Government reporting
               requirements.Anonymity may apply to general inquiries made by
               the public regarding course information, recruitment, etc
               unless the individual requests further information.  If
               further information is sought then a level of identification
               may be required.Other information where maximum anonymity
               will be protected wherever possible includes survey and
               course evaluation responses.
 
        Principle 9 – Data Transfer Limitations:
 
               The Institute will not transfer personal, sensitive or health
               information to a person or organisation outside the State
               of Victoria unless the Institute reasonably believes that
               the person or organisation is subject to a law or contract that
               upholds principles for fair handling of the information that
               are substantially similar to the principles embodied in the
               Information Privacy or Health Records Acts.  In most
               circumstances the transborder transfer of personal, sensitive
               or health information about an individual will only be made
               with the individual’s consent.
 
        Principle 10 – Sensitive Information:
 
               The Institute will not collect sensitive information unless
               the individual has consented, or it is required by law, or
               where there are other special circumstances such as those
               relating to health services provision and individual or
               public safety.
 
 
        SPECIFIC IMPLEMENTATION OF POLICY PRINCIPLES
        ============================================
 
        Reasons for Information Collection:
 
               Staff are to provide individuals with reasons at the time
               and point of collection, regarding what information is
               being collected and held, the purpose for holding the
               information and how the information is to be used or
               disclosed.
 
        Access to Personal Information on File:
 
               Any individual may request and be provided with access to
               information held consistent with Principle 6 (described
               above) and with Information Privacy Principle 6 from the
               Information Privacy Act.
 
               The individual will be provided with the opportunity to
               correct the information held if it is established that the
               information is not accurate.  All information must be kept
               securely and protected from unauthorised access,
               modification or disclosure.
 
        Information Privacy Officer:
 
               The Institute has delegated the Employee Relations
               Co-ordinator to act as its Information Privacy Officer.
 
        Freedom of Information Officer:
 
               The Institute has delegated the Executive Manager
               Education Operations and Development to act as its Freedom
               of Information Officer.
 
 
Page Content 2.1
Page Content 2
About Contact Campus Maps
 
 
Page Content 3.1
Victoria

Student portal Student Services Staff Portal Courses Careers Contact Library

Site Error Reports | Copyright & Disclaimer | Information Privacy Policy | References & Acknowledgements | Technical Terms & Notes © Gordon Institute of TAFE 2002-2011
ABN: 27 241 053 246. | Authorised by the Victorian Government, Melbourne. TOID: 3044. Interface designed for screen resolution minimum 1024 X 768 pixels.