Refer a student

Privacy Policy

SECTION 1

Purpose

1. The purpose this policy is to outline how IHM complies with the Privacy Act 1988 and the Australian Privacy Principles (APPs) 2014 and other federal laws on how IHM collects, stores, uses and disseminates student and staff personal information.

Scope

2. IHM is bound by Australian Privacy Principles (APPs) in the Privacy Act 1988 (Cth), Information Privacy Principles (IPPs) in the Privacy and Data Protection Act 2014 (Vic), the Health Privacy Principles (HPPs) (Cth) in the Health Records Act 2001, and to the related legal obligations by which it is bound.

3. This Policy covers IHM’s treatment of personally identifiable information that IHM collects through any means as part of the provision of its services. This Privacy and Security Statement does not apply to the practices of companies that IHM does not own or control or to people that IHM does not employ or manage.

4. IHM Privacy Policy is technology neutral, applying equally to paper-based and digital environments. This is intended to preserve the relevance and applicability, in a context of continually changing and emerging technology.

5. This policy covers all personal and sensitive information relating to students and staff and all institutional records including educational, training, assessment, policy, financial, Intellectual Property, compliance, and quality documents.

Definitions

6. Definitions for key terms are presented in the Glossary of Terms.

Suite documents

7. This Policy is linked to the following:

  • Privacy Procedure
  • See also Associated Information listed in the ‘Related Internal Documents’ in Section 3 below.

SECTION 2

Principles

8. Personal information is defined in the Privacy Act 1988 as “information or an opinion about an identified individual, or an individual who is reasonably identifiable:

  • whether the information or opinion is true or not; and
  • whether the information or opinion is recorded in a material form or not”

9. Sensitive Personal information is defined in the Privacy Act 1988 as “information or an opinion about an individual” that is also personal information, such as:

  • racial or ethnic origin
  • political opinions
  • membership of a political association
  • religious beliefs or affiliations
  • philosophical beliefs
  • membership of a professional or trade association
  • membership of a trade union
  • sexual orientation or practices; or
  • criminal record

10. Information about Students

10.1 IHM collects personally identifiable information that students provide when they register or enrol for any educational courses or programs, when they use certain IHM online services or products, or when they enter promotions. IHM’s preferred source of personal information is the individual concerned. However, IHM may also receive information from other sources such as other members of the Health Careers International (HCI) Group.

10.2 Under the Freedom of Information Act, Vic 1982, IHM will permit a student to apply for and receive a copy of the personal information that the provider holds on the student’s record.

11. Information about Staff

11.1 IHM collects personal information from its staff which may be used for Selection, Appointment, Promotion, General Administration or Provision of Services to staff. IHM’s preferred source of personal information is Page 3 of 8 the individual concerned. However, IHM may also receive information from other sources such as:

  • previous employers and referees nominated by prospective and current staff members.
  • academic assessors.
  • promotion and performance review assessments.

11.2 IHM takes all reasonable steps to ensure that information collected is:

  • necessary for IHM’s purposes.
  • relevant to the purpose of the collection; and
  • collected in a fair way, without unreasonable intrusion.
  • Provided to the respective student or staff when requested, following the Privacy Procedure

12. Collection of Personal Information

12.1 Personal information will not be collected unless:

  • The information is collected for a purpose directly related to students.
  • The collection of information is necessary for or directly related to the purpose for which the information is being collected.
  • The collection of the information is authorised or required by law.
  • With whom the information may be shared (such as the Australian Government, Placement Partners) the information collected is relevant to that purpose and is up to date and complete; and
  • The collection of the information does not infringe upon the personal affairs of the student in an unreasonable manner.

12.2 Personal information will not be collected by unlawful or unethical means.

12.3 Where personal information is collected for inclusion in a record or in a generally available publication, IHM will take all reasonable and practicable steps to ensure that, the student concerned is made aware of:

  • the purpose for which the information is being collected.
  • if the collection of the information is authorised or required by law and
  • with whom the information may be shared (such as the Australian Government or Tuition Assurance Scheme).

12.4 Where IHM solicits and collects personal information for inclusion in a record or in a generally available publication it will take reasonable steps to ensure that:

  • the information collected is relevant to that purpose and is up to date and complete; and
  • the collection of the information does not infringe upon the personal affairs of the student in an unreasonable manner

12.5 IHM is committed to complying with the obligation under the Privacy Act 1988, and the associated Australian Privacy Principles (APPs), in the way it specifically collects, uses, secures, and discloses personal information. IHM is committed to safeguarding any confidential information obtained by it. IHM will ensure that:

  • Information gathered for the express purpose of training and assessment matters will not be disclosed to a third party unless prior written consent is provided by the individual concerned, or in the case that it is required by law;
  • There is a provision for the secure storage of all records.
  • All information maintained on records is held in strict confidentiality.

13. Accessing and Correcting Personal Information

13.1 A link to IHM’s Privacy Policy is included in the Student Handbook, detailing the information collected and its intended uses.

13.2 IHM will ensure individuals have access to their personal information held by institutions, in compliance with legal obligations.

13.3 Requests for accessing information will be evaluated in accordance with relevant legislation, as well as IHM’s Privacy Procedure and Records Management Policy and Procedure.

13.4 Staff members encountering concerns regarding information access should seek guidance from People and Culture Officer.

13.5 Upon notification of inaccuracies, incompleteness or outdatedness in personal information, IHM will endeavors to rectify the data or document the individual’s dissent.

14. Securing, Storing and Retaining Data

14.1 IHM will implement measures to safeguard information against misuse, loss, unauthorized access, modification, or disclosure.

14.2 IHM’s protocols for Information technology security are delineated in the Cyber Security and Safety Policy, Records Management Policy and associated Procedure.

15. Disposing of and Destroying Information

15.1 IHM will only dispose of or permanently de-identify personal or sensitive information when no longer legally required. Destruction of documents will adhere to the Records Management Policy and related Procedure.

15.2 IHM will only dispose of or de-identify health information in accordance with the Health Records Act 2001.

16. Health Information

16.1 In addition to general obligation, IHM has specific duties regarding confidential health information if collected from staff and students.

16.2 Health records may be generated across various IHM operations, such as research, teaching, People and Culture functions, student counselling and student disability liaison. These records will be managed in compliance with Health Records Act 2001 as detailed in the Privacy Procedure and Records Management Policy and Procedure.

17. Anonymity and Pseudonymity

17.1 IHM respects and acknowledges the choice of anonymity and pseudonymity by individuals dealing with IHM. IHM provides opportunities for individuals to interact anonymously or by pseudonym with IHM where appropriate. For example, anonymous dealings may include an unidentified individual telephoning IHM to make a general enquire about its courses or services.

17.2 Pseudonymity requires that an individual may contact IHM and use a name, term or descriptor that is different from the person’s actual name. Examples may include an email address that does not contain the person’s actual name, and/or a username that a person uses when participating in an online forum.

17.3 Personal information should only be linked to a pseudonym if this is required or authorised by law.

17.4 Situations where it is impractical to implement Anonymity and/or Pseudonymity:

  • While IHM acknowledges Anonymity and Pseudonymity as a privacy principle, there are instances where identification is necessary to proceed with a matter.

17.5 The following are examples where it may be impracticable to deal with an individual who has not disclosed their actual identity:

  • Dispute resolution: it would be impracticable to investigate and resolve an individual’s particular complaint about how their case was managed or follow up on a staff member’s behaviour unless the complainant provided their name, contact detail and other relevant information.
  • Personal information requests: in responding to an individual’s request for personal information, IHM would require evidence of the person’s identity before proceeding with the enquiry; and
  • Eligibility for government subsidies or support: in responding to an individual’s course enquiry and potential government subsidy, IHM may not be able to provide definitive information without knowing the potential applicant’s identity, education history and/or personal circumstances.

SECTION 3

Associated Information

Related Internal Documents

Privacy Procedure

Records Management Policy

Records Management Procedure

Related Legislation, Standards, and Codes

Tertiary Education and Quality Standards Agency Act 2011

Higher Education Standards Framework (Threshold Standards) 2021

Health Records Act 2001

Privacy and Data Protection Act 2014 (Vic)

Higher Education Provider Guidelines (2023)

Higher Education Support Act (2003)

Date Approved

02.08.2024

Date of Effect

03.08.2024

Date of Next Review

30.07.2027

Approval Authority

Audit and Risk Committee

Endorsed by Board of Directors

Responsibility for implementation

Approval Authority

Approval Authority

Approval Authority

Approval Authority

IHM-AEP1-4.0

Change History

Version Control

Change Summary

Date

Short description of change, incl version number, changes, who considered, approved etc

Version 2.0

7/01/2021

  • Added version number
  • Minor editorial changes
  • Amended by the Learning and Teaching Committee at its meeting in December 2020 and feedback incorporated by the Director, Quality Assurance
  • Version 2 approved by Academic Board in February 2021

Version 3.0

6/10/2022

Comments from FEE-HELP application response included

Version 4.0

Version 4.0

  • The definitions relocated to IHM glossary of terms.
  • Template updated
  • Changes to align policy and procedure with Higher Education Support Act (2003) and Higher Education Provider Guidelines (2023)

Get in Touch
We are here
to help you!

Get an answer on courses, costs, careers as well as facilities, entry requirements or just about anything else relating to studying at IHM.
We are here to help you!

I consent to receiving information about IHM's courses and services by email and phone calls

×

Search the website