Main Menu
Privacy PolicyOur commitment to individual rights, ethical standards and social justice includes commitments to the appropriate collection, storage and use of information, and to the protection of personal information (AQTF, 2005, s4, s9, s10; CRICOS, 2006:23, s14). In undertaking our normal business of quality, research, and resource management, we collect, store and use personal information. Research and learning in all fields of human endeavour usually involves the collection of personal information. While we treat this information with the highest standards of confidentiality and privacy, there are occasions when we may disclose this information to third parties where required by law, or where necessary for the conduct of our business. There are a range of guidelines, processes and policies already in place to protect the privacy of personal information at IMDS Pty Ltd. Overall responsibility for privacy rests with the Managing Director, and operational management with the Quality and Risk Coordinator (QRC). Tthe Quality and Risk Officer (QRO) is the first point of contact for all people on privacy matters including general information, requests to access and/or amend personal information, and for internal review and resolution of complaints. Our Privacy Policy has been developed in accordance with the Queensland Government Information Standard 'Queensland Privacy' (IS42) which provides 11 Information Privacy Principles (See 3.1 in IS42 for IPPs). These IPPs represent the community standard for collecting, storing, using, and disclosure of personal information by public agencies in Queensland. The Queensland IPPs are similar to the 11 Information Privacy Principles in the Commonwealth Privacy Act 1988. Queensland Privacy is state government policy, not legislation, and is subject to legislation and existing contractual responsibilities of agencies, for example legislation which takes precedence includes the Queensland Freedom of Information Act 1992; the confidentiality provisions of the Queensland Child Care Act 2002; section 63 of the Queensland Health Services Act 1991; the Libraries Act 1988; and pre-existing contracts might require adherence to the privacy regime of the Commonwealth and other States/Territories in Australia, as well as, other countries for the purposes of that contract. Under the provisions of IS42, all organisations must appoint a Privacy Contact Officer, and develop a Privacy Plan and a Privacy and Information Security Statement. In accordance with those requirements, IMDS Pty Ltd has devolved this responsibility to the Quality and Risk Coordinator to develop the documentation, reviewed annually in accordance with IS42. Personal information may be defined as any information that would allow an individual to be identified, for example their name, age, or physical characteristics. It can be an opinion about an individual, which need not be true, or anything that can be used to identify a person. Personal information can be stored on various media including paper, electronic database, photographic and video image, digital form, body sample, and biometric data. IS42 does not apply where there is a statutory basis for the collection, storage, use and disclosure of personal information and where the personal information concerns a deceased person. Use and disclosure of personal informationWe only collect, store, and use personal information that is necessary for our product and service provision. We take all reasonable steps to prevent unathorised access to, maintain disclosure of, and secure your personal information to reduce the misuse or loss of your personal information. In providing these products and services, we seek your consent for the use of your personal information to provide you with requested products and services, to allow us to communicate effectively with you, and to use your personal information with third parties with whom we engage or contract to provide products and services on our behalf. In other circumstances, we will endeavour to obtain your consent before information is disclosed to third parties. Sometimes, where your consent has not been obtained, information may be disclosed to third parties if we believe that we can:
Visits to our websiteWhen you visit our website, our internet service provider (ISP) will maintain information about your visit, and may record the following information:
Access to your informationIndividuals can obtain information about personal information which IMDS Pty Ltd may hold about them, and can request access to that information by contacting the Quality and Risk Coordinator, IMDS Pty Ltd, PO Box 1333, Robina DC, QLD 4226. Individuals can also contact the QRC to request an amendment to the personal information held by IMDS Pty Ltd about them, or to request an internal review of a decision made in response to a request for access or amendment (See the Information Management Policy, Procedure, and supporting documentation). Requests must be made in writing via letter or email, and must be made within 6 months from the date of the suspect breach. Requests will be acknowledged in writing within ten (10) business days from the date on which the application was received, and IMDS Pty Ltd will process the request within forty (40) business days from the date on which the application was received. Applicants will be advised in writing of our decision. If an applicant does not agree with our decision they may request an internal review by writing to the Managing Director who will arrange for an internal review within twenty (20) business days to be carried out by a senior officer who has not previously been involved in the matter. The applicant will receive a response in writing. For more information see the Customer Compliments and Complaints Policy. Managing Director
|
