Holmesglen Privacy Statement
Holmesglen Institute respects your right to privacy and, any personal information provided by you to the Institute will be held in confidence. This policy outlines how Holmesglen handles personal and health information in accordance with the Privacy Act 1988 (Cth), Privacy and Data Protection Act 2014 (Vic), Health Records Act 2001 (Vic.) and the Higher Education Support Act (HESA) 2003 (Cth). The Policy applies to all personal and health information provided to Holmesglen Institute and information about individuals obtained from other sources.
Personal information collected by Holmesglen for the purposes of State and Commonwealth Supported Places or HELP Loans assistance and the repayment of HELP loans is handled in accordance with the information privacy principles set out in the Privacy Act 1988 (Cth), Privacy and Data Protection Act 2014 (Vic), and the Higher Education Support Act (HESA) 2003 (Cth). Students who are eligible for State and Commonwealth Supported Places or HELP Loans should refer this policy that provides you with the relevant information.
Collection of personal information
Holmesglen collects and holds personal information (including sensitive information) about prospective, current and past students, parents, guardians, care providers, prospective, current and past staff members, volunteers and contractors. The purposes of collecting this information is to:
- Enable Holmesglen to deliver educational services; and
- Meet the wider functional needs of Holmesglen, including financial management, legal accountability, and national reporting requirements; and
- Meet the requirements of Legislation.
Holmesglen will only collect personal information using lawful and fair means, and not in an unreasonably intrusive way. Holmesglen will collect health information only if the information is necessary for one or more of its functions or activities and with consent, or pursuant to an exception specified in the Health Records Act 2001.
Sensitive information
Holmesglen will collect sensitive information about an individual:
- with the consent of the individual and
- the collection is reasonably necessary for, or directly related to, any of the purposes outlined above.
Method of collection
Holmesglen takes all reasonable steps to ensure that information collected:
- is necessary for Holmesglen’s purposes; and
- is relevant to the purpose of collection; and
- is collected in a fair way, with consent where reasonably possible and without unreasonable intrusion; and
- is as up to date and complete as reasonably possible.
Where Holmesglen collects personal and health information about an individual directly from that individual, it will take reasonable steps to ensure that the individual is aware of:
- the identity of Holmesglen and contact details; and
- the fact that he or she is able to gain access to the information; and
- the purposes for which the information is collected (“the primary purposes”); and
- to whom (or the types of individuals or organisations to which) the Holmesglen usually discloses information of that kind; and
- any law that requires the particular information to be collected; and
- the main consequences (if any) for the individual if all or part of the information is not collected.
Important sources of personal information, collected by Holmesglen may include:
Students
- Schools, Victorian Tertiary Admissions Centre (VTAC), its successors and equivalent interstate and overseas bodies; and
- Other tertiary institutions, including private providers and recruitment agencies.
Staff (includes volunteers)
- Previous employers and referees nominated by prospective and current staff members;
- Academic assessors;
- External and internal medical and rehabilitation providers; and
- Employment review assessments, and
- Other government bodies for the purposes of employment eligibility.
Holmesglen will not collect personal information about an individual from any party other than those outlined above, or the individual themselves unless:
- prior consent is provided or,
- where the collection of information is required or authorised by the Australian law or course/tribunal order or,
- where is it impractical or unreasonable to obtain the individual consent.
Other persons
- Information for parents, guardians, care providers, for students as relevant
- Information on contractor details as relevant to the requirements of related legislation who provide goods and services to Holmesglen.
Notification
Holmesglen will take all reasonable steps to ensure an individual is aware that personal information has been collected about them, and the circumstances of collection if:
- the information has been collected from a person or entity other than the individual; and
- the individual could not reasonably be expected to know that the information has been collected about them.
This notification will include:
- the purpose of collection;
- the consequences for the individual if the information is not collected;
- the bodies and organisations (if any) to which the information may be disclosed;
- who within the organisation is collecting the information, and with whom it will be shared
- that individuals can request access to their information and,
- whether the collection is required by law.
Use of disclosure
Holmesglen uses or discloses personal or health information collected for its primary use, with the prior consent of the individual except in any of the following situations where the use and disclosure of information may be required for a secondary purpose:
- If the information directly relates to the primary purpose; or
- The use or disclosure of the information is required or authorised by or under an Australian law or a court/tribunal order; or
- For personal information, if the use or disclosure is necessary for research, or the compilation or analysis of statistics, other than for publication in a form that identifies any particular individual; and
- it is impracticable for Holmesglen to seek the individual’s consent before the use or disclosure; and
- in the case of disclosure – Holmesglen reasonably believes that the recipient will not disclose the information; or
- For health information, if the use or disclosure is necessary for research, or the compilation or analysis, in the public interest as contained in the Statutory Guidelines on Research 2002 under the Health Records Act 2001 (Vic); or
- Holmesglen reasonably believes that the use or disclosure is necessary to lessen or prevent either:
- a serious and imminent threat to an individual’s life, health, safety or welfare; or
- a serious threat to public health, public safety or public welfare; or
- Holmesglen has reason to suspect that unlawful activity has been, is being or may be engaged in, and uses or discloses the personal information as a necessary part of its investigation of the matter or in reporting its concerns to relevant persons or authorities; or
- Holmesglen reasonably believes that the use or disclosure of the information is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.
In some circumstances Holmesglen may release students’ personal information in the following instances:
- academic progress information to another tertiary institution or related body as required in the course of a student’s transfer to a new institution;
- personal and enrolment information, including academic results, of students undertaking cross-institutional study to the relevant institution as required to confirm the student’s enrolment or qualification;
- personal information to relevant organisations engaged by Holmesglen to provide debt recovery services;
- personal and enrolment information, including academic results, of students undertaking apprenticeship training to their employer.
- Other government and regulatory bodies as required under Australian Law or court/tribunal order.
Individuals may request that Holmesglen does not send direct marketing communications to them by contacting Holmesglen’s Privacy Officer. However, Holmesglen reserves the right to use or disclose personal information about an individual for the purposes of direct marketing if the information was collected from the individual or someone other than the individual and, where the individual did not reasonably expect use of disclosure of the information.
Holmesglen will not use sensitive information for the purpose of direct marketing without the individual’s consent.
Holmesglen has advised the individual that they can request not to receive direct marketing communications by contacting Holmesglen Privacy Officer.
Data quality
Holmesglen will take reasonable steps to make sure that the personal and health information it collects, uses or discloses is accurate, complete and up to date. If Holmesglen is to ensure quality and accuracy of personal information, this places an obligation upon the individual to provide relevant and accurate information to Holmesglen.
Unsolicited personal information
If Holmesglen receives personal information about an individual that it did not solicit, Holmesglen will determine whether Holmesglen could have collected the information under the Information Privacy Principle 3, as contained in the Victorian Privacy and Data Protection Act 2014.
Holmesglen reserves the right to use or disclose the unsolicited information for the purposes of making this determination.
If Holmesglen determines that it could not have collected the information under the Victorian Privacy and Data Protection Act 2014, Holmesglen will destroy or de-identify the information as soon as practicable, provided it is lawful and reasonable to do so.
Data security
Holmesglen will take all reasonable steps to ensure that the personal and health information it holds is protected from misuse, loss, or unauthorised access, modification or disclosure.
Holmesglen will also take all reasonable steps to destroy or permanently de-identify personal and health information if it is no longer needed for any purpose. Under the Public Records Act 1973 (Vic) Holmesglen is required to keep full and accurate records.
Destruction of personal and health information will be carried out according to Holmesglen’s disposal schedules.
Openness
Holmesglen makes this Privacy Policy available on its website.
On request by a person to the Privacy Officer, Holmesglen will take reasonable steps to let the person know, generally, what sort of personal and health information it holds, for what purposes, and how it collects, holds, uses and discloses that information.
Access to and correction of personal information
Access
If Holmesglen holds personal or health information about an individual, it will provide the individual with access to the information on request by the individual, except to the extent that:
1. Holmesglen reasonably believes that giving access may pose a serious and imminent threat to the life, health or safety of any individual, or to public health or public safety; or
2. Giving access would have an unreasonable impact on the privacy of other individuals; or
3. The request for access is frivolous or vexatious; or
4. The information relates to existing or anticipated legal proceedings between Holmesglen and individual, and would not be accessible by the process of discovery in those proceedings; or
5. Giving access would reveal the intentions of Holmesglen in relation to negotiations with the individual in such a way as to prejudice those negotiations; or
6. Giving access would be unlawful; or
7. Denying access is required or authorised by or under an Australian law or a court/tribunal order; or
8. Both of the following apply:
a. Holmesglen has reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to Holmesglen’s functions or activities has been, is being or may be engaged in; and
b. Giving access would be likely to prejudice the taking of appropriate action in relation to the matter; or
9. Giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body;
or
10. Giving access would reveal evaluative information generated within Holmesglen in connection with a commercially sensitive decision-making process.
Holmesglen will respond to a request for access to personal information within a reasonable period, and give access to the information in the manner requested by the individual, if Holmesglen considers that it is reasonable and practicable to do so. If Holmesglen has refused access, it will provide reasons for the refusal.
Access charges
Holmesglen reserves the right to charge an individual for access information under the Freedom of Information Act. Details of relevant fees will be provided to the individual on receipt of a request for access, but no charges will apply to the actual making of the request.
Holmesglen may refuse to provide access until the fee is paid.
Correction
If Holmesglen holds personal information about an individual and either:
- Holmesglen is satisfied that, considering the purposes for which the information is held, the information is inaccurate, out of date, incomplete, irrelevant or misleading; or
- the individual requests Holmesglen to correct the information;
Holmesglen will take such steps (if any) as reasonable in the circumstances to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up to date, complete, relevant and not misleading, within a reasonable time frame.
If changes have been made to information that has previously been disclosed to a third party, and the individual requests that the third party be notified of the correction, Holmesglen will take all reasonable steps to give that notification, unless it is impracticable or unlawful to do so.
Refusal to correct personal information
- If Holmesglen determines that it will not alter the personal information as requested by the
- individual, it will provide written notice of this decision, including the reasons for a refusal and the mechanisms available to the individual to gain more information.
Request to associate a statement
If Holmesglen refuses to correct personal information as requested by the individual, the individual may request that Holmesglen associates a statement with the information to the effect that the information may be inaccurate, out of date, incomplete, irrelevant or misleading. Holmesglen will take all reasonable steps to ensure that this statement is apparent to users of the information.
Costs
Holmesglen will not charge an individual for making a request for correction of personal information, for correction of the personal information, or for associating a statement with the personal information.
Unique identifiers
Holmesglen assigns unique identifiers to Staff and students which are necessary for Holmesglen to carry out its function efficiently. All students undertaking study in a nationally recognised training course will need to have a Unique Student Identifier (USI), as required by the Australian Government. More information is accessible from the Australian Government USI Website
Holmesglen will not adopt a unique identifier of an individual that has been assigned by another organisation. However, Holmesglen may collect and store unique identifiers used by other organisations. These may be included in reports to relevant Commonwealth and Victorian departments and agencies.
Anonymity
An individual may, in some circumstances, be able to request and receive information from Holmesglen anonymously. This may be done by making a request to Holmesglen’s Privacy Officer. Anonymity will not be available if:
- Holmesglen is required or authorised by Australian law, or by a court or tribunal order, to deal with individuals who have identified themselves; or
- it is impractical for Holmesglen to deal with individuals who have not identified themselves.
Transborder data flow
Holmesglen will only transfer personal or health information about an individual to someone (other than Holmesglen or the individual) who is outside Victoria if:
- Holmesglen reasonably believes that the recipient of the information is subject to a law, binding scheme or contract which effectively upholds principles for fair handling of the information that are substantially similar to the Information Privacy Principles set out in this Policy and in accordance with the Privacy and Data Protection Act 2014 (VIC) and Health Records Act 2001 (VIC); or
- The individual consents to the transfer; or
- The transfer is necessary for the performance of a contract between the individual and Holmesglen, or for the implementation of pre-contractual measures taken in response to the individual’s request; or
- The transfer is necessary for the performance of a contract in the interest of the individual between Holmesglen and a third party; or
- All of the following apply:
- the transfer is for the benefit of the individual;
- it is impracticable to obtain the consent of the individual to that transfer;
- if it were practicable to obtain that consent, the individual would be likely to give it; or
- Holmesglen has taken reasonable steps to ensure that the information which it has transferred will not be held, used or disclosed by the recipient of the information inconsistently with the Privacy Statement.
Sensitive information
Holmesglen will not collect sensitive information about an individual unless:
- the individual has consented; or
- the collection is required under law; or
- the collection is necessary to prevent or lessen a serious and imminent threat to the life or health of any individual, where the individual whom the information concerns:
Despite the above, Holmesglen may collect sensitive information about an individual if the collection:
- is necessary for research, or the compilation or analysis of statistics, relevant to government funded targeted welfare or educational services; or
- is of information relating to an individual’s racial or ethnic origin and is collected for the purpose of providing government funded targeted welfare or educational services; and
- there is no reasonably practicable alternative to collecting the information for that purpose; and
- it is impractical for Holmesglen to seek the individual’s consent to the collection.
Information Privacy Enquiries
Contact us at privacy@holmesglen.edu.au if you have any questions about this Privacy Statement or our collection, use or disclosure of your personal information.
Breaches of this Policy
The Institute has an established Information Privacy Committee whose responsibilities ensure that details contained within this policy are adhered to throughout the Institute. In the first Instance, alleged breaches of this policy should be referred to the area where the information was initially lodged by you.
If a satisfactory resolution cannot be reached at this level, the alleged breach should be submitted in writing through Holmesglen’s complaint and appeals process. All matters received through this process will be managed in accordance with Holmesglen’s complaint and appeals process.