Printer-friendly version
Body

1. Purpose and Objectives

The Information Privacy Act 2009 (Qld) sets out 11 Information Privacy Principles which regulate how the University collects, stores, provides access to, uses and discloses personal information. This policy outlines the process for the dealing with personal information in accordance with the Information Privacy Act 2009 (Qld).

2. Definitions, Terms, Acronyms

Privacy complaint - a complaint by an individual about an act or practice of the University in relation to the individual's personal information that is a breach of the University's obligations under the Information Privacy Act 2009.

Personal information - any information which identifies an individual or which allows his or her identity to be reasonably ascertained. In the University context, examples of personal information include home address, home telephone number, date of birth, marital status, next of kin; salaries and wages of University staff; all information concerning students, their enrolment, academic performance and their personal welfare (such as medical matters) and records of an individual student's library borrowings; information concerning persons who apply to the University for appointment or admission; information collected from or concerning human research subjects. It may include visual information, such as photographs of people.

Subsidiary companies - companies which are subsidiary to the University or otherwise connected to the University.

3. Policy Scope/Coverage

As a public authority established by the University of Queensland Act 1998, The University of Queensland is subject to the Information Privacy Act 2009. The policy does not apply to:

  • independent organisations that are not regarded as part of the University;
  • subsidiary companies, which may be subject to the Commonwealth Privacy Act 1988.

Parts of the Information Privacy Act 2009 do not apply to generally available publications such as magazines or to documents kept in libraries, museums or art galleries for the propose of reference, study or exhibition.

4. Policy Statement

The Information Privacy Act 2009 (Qld) sets out 11 Information Privacy Principles which regulate how the University collects, stores, provides access to, uses and discloses personal information. The Act enforces the IPPs with a statutory based complaints scheme which includes the award of compensation for privacy breaches.

The University is committed to the objectives of the Information Privacy Act 2009. This policy is based on the following principles:

  • the University supports responsible and transparent handling of personal information;
  • the University respects an individual's right to know how his or her personal information will be collected, used, disclosed, stored and disposed of; and
  • adequate privacy protection is a necessary condition for the University to participate in e-communications and e-transactions.

Personal information will be collected, stored, used and disclosed in accordance with the procedures.

5. Privacy Complaints

An individual that has concerns about how their personal information is being collected, stored, used or disclosed may make a complaint to the Right to Information and Privacy Office. The procedures prescribe how an individual makes a privacy complaint and provides information on how privacy complaints will be investigated.

Custodians
Director, Governance and Risk Ms Daphne Drewes