The protection of your privacy and the confidentiality of your personal information is important to the Australian College of Rural and Remote Medicine ABN 12 078 081 848 ("the College").

Information that we do collect on individual members, subscribers and contacts is kept confidential and will only be accessed by authorised persons within College and authorised representatives unless advised otherwise. We also ensure that any agents, contractors and/or third parties engaged to provide services, are bound by the terms of this Privacy Policy to protect all personal information collected.

The College is bound by the Privacy Act 1988 (Cth) ("the Privacy Act") and the Australian Privacy Principles contained within the Privacy Act, which regulate how organisations may collect, store, use and disclose personal information, and how individuals may access and correct information held about them. If you have any concerns about privacy, please contact us on 07 3105 8200 or email us at privacy@acrrm.org.au.

'Personal information' means information or an opinion about an identified individual, or an individual who is reasonably identifiable:

  • whether the information or opinion is true or not; and
  • whether the information or opinion is recorded in a material form or not.

1. Purpose

The purpose of this Privacy Policy is to clearly outline the types of information that the College may collect, how we store and manage that information and how you can access your personal information or make a complaint about our handling of the information.

2. Types of information that we collect

We will only collect information from you that is reasonably necessary for or directly related to undertaking our business, membership activities and functions. The types of information that we will collect will depend on the products, benefits and services you have asked us to provide.

At or around the time we collect personal information from you, we will endeavour to provide you with a collection notice which details how we will use and disclose that specific information.

2.1 Personal information

The types of personal information we may ask for can include, but is not limited to, your name, date of birth, contact details (including your telephone number, email address, residential and/or business addresses), qualifications and medical registration numbers.  We may also ask for further information, such as your opinion, that is necessary for the provision of other services such as topics of interest and professional development activities attended or carried out. For payment of fees or reimbursement purposes we may require details of your credit card and or bank account and financial institution.

We will not collect, use or disclose information about you unless it is reasonably necessary to provide you with a product or service, unless we are legally required or permitted to collect, use or disclose that information.

2.2 Sensitive information

"Sensitive information" is a type of personal information that includes any information about a person’s racial or ethnic origin, political opinion, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, criminal record or health information.

Where nominated by you we do collect your nomination of Aboriginal and/or Torres Strait Islander ethnicity to support the development of appropriate services and cultural responsiveness for the organisation. We may report this on a de-identified basis to other entities concerned with indigenous medicine and services.

We will always explain the purpose for collecting sensitive information and obtain your consent to do so.

3. Unsolicited Personal Information

In the event we receive personal information in circumstances where we have not requested or solicited that information and it is determined by the College that the personal information is not required, we will destroy the information or ensure that the information is de-identified.

If such unsolicited personal information collected is in relation to potential future employment with the College, such as your resume or related information, and it is determined by the College that we may consider you for potential future employment, the College may keep the personal information in its records.

4. Anonymity

You may have the option of not identifying yourself or using a pseudonym when dealing with the College when it is lawful and practicable to do so, however, on some occasions we will not be able to do this and you will be notified if this is the case.

5. Why we collect personal information

The College collects personal information from you, in order to identify you, assess membership or other applications and provide products, benefits and services to you. To discuss the exact information we require for each product, please contact us on 07 3105 8200. You may also email us at privacy@acrrm.org.au.

6. How we collect your information

In most cases, we will only collect information from you directly, this can include written applications, in person at events or when you contact us via telephone or electronic means such as the Internet or email. Occasionally, we may collect personal information from other parties when required, such as to register as a trainee, process a procedural grant or other such claim. If we collect details about you from another party, we will, whenever possible, make you aware of why we have done this.

7. Information collected online

It is the usual practice of the College to collect information about visitors to our online resources. Information that is collected is limited and is used to identify online behavioural patterns. This information does not identify you personally.

Our online resources include, but are not limited to, websites and mobile applications ‘apps’. Information collected by these resources may collect the following information:

  • Server address / IP address
  • Date and time of visit to our site
  • Pages visited
  • Documents downloaded
  • The site you visited prior to visiting our website
  • The browser that you are using to access our resources
  • If you have visited our website before
  • Tracking user preferences

In addition to the above, mobile apps may collect location data; however, you will be notified if this is the case.

Most of our online resources use sessions and/or cookies, which enable us to monitor traffic patterns. We may engage service providers to conduct this analysis. A cookie does not identify you, however, it does identify your computer. However, in some cases, cookies may enable us to aggregate certain information with other personal information we collect and hold about you. The functionality of these resources will function if you disable these, however, you may be unable to access some functions if these are disabled.

If you make any payment while using our online resources, we will collect information from you which can include, but is not limited to, your email address, name and credit card details. This is so we may process your payment and provide you with a receipt for the payment.

8. If you chose not to give us personal information

Depending on the service we are providing, some information we may ask for may be identified as mandatory and some as voluntary. If you choose not to provide the College with the information that we have requested, we will typically, be unable to provide the product or service you have applied for, or administer a service that you have already purchased. Where this arises, we will advise you why.

9. Your consent

We only collect and disclose your information after obtaining your consent, or where otherwise permitted by law. Your consent can be express or implied. Express consent can be verbal or written, for example when you opt into the Professional Development Programme with Vocational Registration reporting, you are giving express consent to share your information to Medicare for this reporting purpose. This may need to be supplied through a third party reporting organisation. Your implied consent is taken when the College can reasonably conclude by some action you take, or if you decide to take no action, for example when you participate in a conference call and continue to speak after hearing that calls may be recorded or when you provide us with personal information that we have not specifically requested.

10. Storing and keeping your information safe

We store your personal information in both electronic IT systems as well as paper files. The College uses secure third party data storage facilities and services to manage this data.

The College maintains strict protocols for the storage of information and this will only be accessed by people that have the authority to do so. We maintain physical security (such as locks and security systems) and electronic security (such as firewalls and access controls for computer systems).

We will destroy or permanently de-identify the personal information if it is no longer needed: for the purposes for which we collected it; or for the purposes of meeting legal and regulatory requirements.

We will properly dispose of all paper files, correspondence and any other hardcopy documents that contain personal information that is no longer needed.

All information stored in electronic form that is no longer required will be deleted from our systems and/ or those of our third party data storage and networking suppliers.

11. How we use your information

We use the personal information we collect to provide services, benefits and products to you. In order to do this we may need to disclose some of your personal information to other people or organisations. This may include, but is not limited to contractors, government agencies, regional training providers or organisations that we have an alliance or arrangement with. We may also use or disclose personal information for other purposes where you would reasonably expect us to and the purpose is related to the purpose of collection, or where otherwise permitted by law.

We may also from time to time, use your information to market or promote services or products of the College we believe may be of interest to you. If you do not wish to receive such material, you can contact us by calling 07 3105 8200, emailing us at privacy@acrrm.org.au or, if applicable, using the “unsubscribe” email facility. We will then ensure the relevant communication ceases as soon as practical and no later than the time period permitted by law.

12. Disclosure of your information to third parties

Personal information that we collect from you may be disclosed to:

  • any entity to which we are required or authorised by or under law to disclose such information (for instance, law enforcement agencies and investigative agencies, courts, various other government bodies);
  • other third parties that you have been informed of at the time when any personal information is collected from you, for example a regional training provider that you are registered with;
  • our contractors, agents or business partners for purposes directly related to the purpose for which the personal information is collected or for a purpose permitted by this Privacy Policy, for example, activity or event providers;
  • our professional advisors and other contractors (for example IT consultants); and
  • external providers of services that where you have engaged us to act as your agent, such as booking flights, hotels tours etc.

We may also disclose your personal information where otherwise permitted or required by law.

We take such steps as are reasonable to ensure that these organisations and/or parties are aware of the provisions of this Privacy Policy in relation to your personal information.

13. Disclosure of your information to third parties overseas

The College on occasion may need to disclose your personal information to an overseas recipient where you have given us permission to do so, for example when verifying Recognition of Prior Learning or other international membership or registration matters. You will be notified of the country in which the overseas recipient is located when we obtain your permission to disclose your personal information to an overseas recipient.

Where you have given us permission to disclose your personal information to an overseas recipient, you understand and acknowledge that countries outside Australia do not always have the same privacy protection obligations as Australia in relation to personal information. We will, however, take steps to ensure that your information is used by overseas recipients securely and in accordance with the terms of this Privacy Policy.

14. Accessing your personal information

You are entitled to have access to any personal information relating to you which you have previously supplied to us. You are entitled to edit or delete such information unless we are required by law to retain it or permitted to retain it in accordance with this Privacy Policy. If you request it, we will provide you a summary of any personal information held about you in accordance with our obligations under the Privacy Act. If you request detailed information, the College may charge a fee for the retrieval of this information (but not for the making of the request).

Any requests for information will be processed within a reasonable timeframe (usually within 10 business days). If the retrieval of information involves accessing archived information and will take longer than normal, we will endeavour to provide you with an estimated timeframe.

Under some circumstances, we may refuse you access to personal information where denying access is required or authorised by law, where the request for access is regarded as frivolous or vexatious, or where information relates to anticipated or legal proceedings. If you are denied access to your information, we will explain why.

15. How we keep your information up to date

We will take reasonable steps to ensure that your personal information is accurate and up to date and we will correct this as soon as we know otherwise. You have the right to ask us to correct your information. If you learn that your information needs to be updated, you should contact us as soon as possible and we will process your request. If we refuse to correct your information, we will explain why in writing, and advise you of the mechanisms available to you to complain. You also have a right for a statement to be attached to your personal information if the College disagrees with your request to correct the information held.

16. Changes to this policy

The College constantly reviews its policies, statements, and procedures to keep up to date with relevant legislation. As a result, we reserve the right to update and change this Privacy Policy as directed by law or to reflect our business needs. Any changes will be updated on our website and will be effective on its uploading. If you have a concern or query about this process and how it may affect you, please contact us at privacy@acrrm.org.au.

17. What to do if you have a complaint

If you believe that we have not fulfilled our obligations under the Privacy Act or you do not agree with a decision made by the College in relation to the access or update of your personal information, you can make a complaint by email at privacy@acrrm.org.au or by writing to us at:

General Manager, Corporate Services
Australian College of Rural and Remote Medicine
GPO Box 2507
Brisbane
QLD 4001

Once we have received your complaint, we will investigate and endeavour to commence processing the complaint within 10 working days in order to respond in the time required by law. In order to resolve a complaint, we will liaise with you to identify and define the nature and cause of the complaint. We may request that you provide the details of the complaint in writing.  We will endeavour to keep you informed of the likely time within which we will respond to your complaint and will inform you of the basis of our decision.

If you are unhappy with the response from the College, you can direct your complaint to the Office of the Australian Information Commissioner at:

Office of the Australian Information Commissioner
GPO Box 5288
Sydney NSW 2001

Phone: 1300 363 99

Information on how to lodge a complaint with the Office of the Australian Information Commissioner can be found at: https://www.oaic.gov.au/privacy/privacy-complaints/lodge-a-privacy-complaint-with-us

18. Acknowledgement

By using our website, or procuring a product or service from the College, where you have been provided with a copy of our Privacy Policy or been given reasonable notice of our Privacy Policy, you are agreeing to provide the consents given by you in this Privacy Policy and that you have been informed of all of the matters in this Privacy Policy.

19. Document Control Information

19.1 Policy Information

Policy Contact and Author:GM Corporate ServicesApproving Body:Board
Status:FinalReview period:Every three years
Policy No and Version:C13: V1.1/2024Next review date:Oct 2024
Effective Date:29  February  2024Document Location:ACRRM Admin/Policies/College Policies
Responsible Officer:GM Corporate ServicesPolicy System Manager:MJ Streeton

 

19.2 Document History.

VersionDate ApprovedAuthorDescription of revisionInternal Distribution - DateInternal Distribution - Recipient/s
1.1Feb 2024GM Corporate ServicesMinor updated incl. change of privacy office detailsFeb 2024OCEO
1.0Oct 2021GM Corporate ServicesReview of wordingOct 2021OCEO
Previous system2014GM Corporate Services Oct 2014OCEO