Privacy Policy
Privacy Policy
Purpose
This policy ensures that BIA meets its legal and ethical requirements regarding the collection, storage and disclosure of the personal information it holds in regard to individuals.
This policy and procedure contribute to compliance with Clause 8.5 of the Standards.
Definitions
ASQA means Australian Skills Quality Authority, the national VET regulator and the RTO’s registering body
Personal information means ‘information or an opinion about an identified individual, or an individual who is reasonably identifiable:
- ‘Whether the information or opinion is true or not; and
- ‘Whether the information or opinion is recorded in a material form or not.[1]
Standards means the Standards for Registered Training Organisations (RTOs) 2015 from the VET Quality Framework which can be accessed at www.asqa.gov.au
Policy
1. Privacy Principles
Brighten Institute Australia complies with all requirements of the Australian Privacy Principles in the collection, use and secure storage of personal and other identifiable information. Refer to http://www.oaic.gov.au/privacy/about-privacy for further information about the legislation itself. Personal information is collected from individuals in order that BIA can carry out its business functions. BIA only collects and securely stores information that is directly related to its business purposes and legal requirements of providing nationally recognised training and assessment. In collecting personal information, BIA complies with the requirements set out in the Privacy Act 1988 and the relevant state/territory regulatory requirements in which the RTO operates. This means BIA ensures that learners:
- Know why their information is being collected, how it will be used and to whom it will be disclosed.
- Can access their personal information upon request.
- Do not receive unwanted direct marketing.
- Can ask for personal information that is incorrect to be corrected.
- Can make a complaint about BIA if they consider that their personal information has been mishandled.
2. Collection of information
In general, personal information will be collected through course application and/or enrolment forms, training records, assessment records and online forms and submissions.The types of personal information collected include:
- personal details
- contact details
- employment information where relevant
- academic history
- statistical information about your prior education, schooling, reasons for enrolling,
- training, participation and assessment information
- fee and payment information
3. Storage and use of information
BIA stores records containing personal information securely and takes all reasonable security measures to protect the information from unauthorised access, misuse or disclosure.The Personal Information protocols differ depending on the nature of the learner’s engagement with BIA; those enrolled in Short Courses and those enrolled in full Qualifications. The duration of the learner’s journey with Brighten dictates which set of procedures apply to their personal information.
SHORT COURSE ENROLMENTS
Personal information is stored in encrypted format on our secure servers. In the case of AVETMISS data, all records are encrypted and securely stored only until they are submitted to NCVER in accordance with requirements of VET regulations. After submission of the AVETMISS data, any trace of the information submitted is erased and removed from our servers: BIA only retains sufficient information as necessary to meet all legislative and regulatory reporting requirements.
QUALIFICATION ENROLLMENTS
Learners’ personal information is used only to enable efficient student administration, provide information about training opportunities, and to maintain accurate and detailed student records of course participation, progress and outcomes. BIA may use the personal information provided by an individual to market other internal products and services to them. An individual may opt out of being contacted for marketing purposes at any time. Information will not be passed onto any third-party marketing companies without the prior written consent of the individual.
4. Disclosure of information
The personal information about students enrolled in a Course with BIA may be shared with the Australian Government and designated authorities, such as ASQA (the RTO’s registering body), Australian Apprenticeship Centres (AACs), and the National Centre for Vocational Education Research (NCVER). This includes personal details, contact details, course enrolment information, unit outcomes, AQF certification and statement issuance and information about training participation and progress. BIA will not disclose an individual’s personal information to another person or organisation unless:
- They are aware that information of that kind is usually passed to that person or organisation.
- The individual has given written consent.
- BIA believes on reasonable grounds that the disclosure is necessary to prevent or lessen a serious threat to the life or health of the individual concerned or another person.
- Disclosure is required or authorised by, or under, law.
- The disclosure is reasonably necessary for the enforcement of the criminal law or of a law imposing a pecuniary penalty, or for the protection of public revenue.Any person or organisation to which information is disclosed is not permitted to use or disclose the information for a purpose other than for which the information was supplied to them.
5. Access to records
Individuals have the right to access or obtain a copy of the Personal Information that BIA holds about them including personal details, contact details and information relating to course participation, progress and AQF certification and statements of attainment issued. “Records” does not include: information pertaining to assessment submissions, competency judgements, assessment evidence or the assessments used to collect it.Requests to access or obtain a copy of the records held about an individual must be made by contacting our office using the Request to Access Records Form. The individual must prove their identity to be able to access their records.There is no charge for an individual to access the records that BIA holds about them; however, there may be a charge for any copies made. Arrangements will be made within 10 days for the individual to access their records.
6. Correction to records
If an individual believes their personal information (as represented on the records that BIA holds about them) is incorrect, incomplete, out of date or misleading, they can make a request in writing that the information be amended. This does not apply to information directly related to or produced within the learner’s enrollment, including decisions of competency or assessment judgements / evidence.
7. Complaints
Any individual wishing to make a complaint regarding the collection, storage, or handling of their Personal Information by BIA can do so by following BIA’s Complaints and Appeals Policy and Procedure.
Procedures
1. Privacy Notices
| Procedure | Responsibility |
| A. Privacy notices – Ensure privacy notices are added to relevant forms and information such as Enrolment Forms, website etc. (Note: this section is recommended, not essential) | Quality Assurance Manager |
2. Marketing Privacy
| Procedure | Responsibility |
| B. Email marketing – Ensure there is an opt-out option on all marketing emails and correspondence sent to individuals in relation to marketing. | Chief Executive Officer |
3. Access to Records
| Procedure | Responsibility |
| C. Request to access records – Individuals may request to access their records by using the Request to Access Records Form. Written requests should be sent to the head office. – Requests may be from past or current students or other individuals. It may be to access records held in a file about a student, or access to a previously issued AQF certification document – refer to the AQF Certification Policy & Procedure.– Upon receiving a completed form, confirm the request is valid and has been made by the individual to which the records relate – check identification documents.- Arrangements for provision of records should be made as suitable – mailing copies, providing a time for records to be viewed etc.- Arrangements should be made verbally and confirmed in writing within 10 days of receiving the request. – Where records are to be mailed, they should only be mailed to the address that is held on file for that individual, unless alternate change of address information is provided along with proof of identity – such as a driver’s license or utility bill.– Where records are to be shown to an individual, the student must produce photo ID prior and this should be matched to the records held on file about the individual to confirm they are only viewing their own records. – Keep a note on how the records were accessed on the individuals file. | Administration Coordinator |
4. Amendment to Records
| Procedure | Responsibility |
| D. Request for records to be amended – Where an individual requests for incorrect records held about them to be corrected, they can do so by filling in an Amendment to Records Request Form.– If it is a change of address or contact details of a current student, they can use the Change of Details Form – Upon receipt of a request form, consider whether the records held are correct or not. If the request is valid and records are incorrect, update records accordingly. – Do not update records if they are found to be correct already– Advise the individual accordingly of the actions taken to follow up their request | Administration Coordinator |
[1] Definition from: Australian Government. Privacy Act 1988 (Cth). Accessed on 5th January 2014 at http://www.comlaw.gov.au/Details/C2014C00076/Html/Text#_Toc382302897