The Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Privacy Amendment Act) made many significant changes to the Privacy Act 1988 (Privacy Act). These changes commenced on 12 March 2014. The Privacy Regulation 2013, made under the Privacy Act, also commenced on 12 March 2014.
Privacy Principles that are strictly applied to all aspects of FiT’s operations include:
Collection
FiT will only collect necessary information pertaining to one or more specific operations. The student will be informed as to the purpose for which details are being collected.
Use and disclosure
FiT will ensure student personal information is not used or disclosed for secondary purposes without obtaining explicit consent from the student unless a prescribed exception applies.
Data quality
FiT will take all reasonable measures to ensure that all students’ personal information that is collected, used or disclosed is accurate, current and complete.
Data security
FiT will take all reasonable measures to ensure all collected students’ personal information is protected from misuse, loss or damage, and that all data and record storage is secure from unauthorised access, modification or disclosure.
Openness
FiT will maintain documentation which details how students’ personal information is collected, managed and used. When a student makes an enquiry in relation to information collected, FiT will explain what information is held, for what purpose it is held and what procedures outline the collection and use of information.
Access and correction
FiT will allow students access to personal information held in all circumstances unless prescribed exceptions apply. If the student identifies errors within the information, FiT will correct and update to file.
Unique identifiers
FiT will not assign students unique identifiers except when it is necessary for efficiency of operations. Commonwealth Government identifiers, such as Medicare numbers or Tax File Numbers, will only be used for the purposes of which they were issued.
Anonymity
FiT will provide students the opportunity to interact with the business without requiring the student to make their identity known in any circumstances it is practical and possible to do so.
Trans-border data flows
FiT privacy protection principles apply to the transfer of data throughout Australia.
Sensitive information
FiT will request specific consent from a student in circumstances where it is necessary to collect sensitive information. Sensitive information may include, but is not limited to; information relating to a student’s health, criminal record, racial or ethnic background.