1. Policy Introduction
“Personal information” is information or an opinion about an identified individual or an individual who is reasonably identifiable, whether true or not and whether the information or opinion is recorded in a material form or not.
Medical Australia is bound by the Privacy Act 1998 (Commonwealth) (Act) and the Australian Privacy Principles that are contained in that Act.
2. Collection of Personal Information
Medical Australia may collect personal information about an individual in a variety of ways, including when an individual interacts with Medical Australia in person or electronically, for example when an individual accesses our website.
Medical Australia will only collect personal information about an individual where the information is reasonably necessary for one or more of our functions or activities. The kinds of personal information collected and held, how that information is collected and held and the purposes for which that information will be collected, held, used and disclosed will depend on the circumstances.
Examples of instances where personal information may be collected by Medical Australia include:
i. collecting personal information from shareholders for the purposes of enabling proper records to be kept and for reporting purposes; and
ii. collecting personal information from individuals who enter into service agreements, joint venture agreements or other transactions with Medical Australia for the purpose of administering those agreements or transactions or for reporting purposes.
Examples of the kinds of personal information Medical Australia may collect and hold include:
iii. phone number;
iv. fax number;
v. email address;
vi. information about goods or services ordered, acquired or supplied;
vii. information from enquiries made;
viii. communications between Medical Australia and an individual; and
ix. credit card information.
Medical Australia will take reasonable steps to ensure that the personal information that is collected, used or disclosed by it is complete and up to date. Medical Australia will only collect personal information about an individual from that individual unless it is unreasonable or impractical to do so.
3. Use and Disclosure of Personal Information
At or before, or if that is not practicable, as soon as practicable after, the time that the personal information is collected, Medical Australia will take reasonable steps to ensure that the individual is aware of the matters required by the Australian Privacy Principles, including:
i. why the personal information is being collected;
ii. who else the personal information might be given to;
iv. how to contact Medical Australia, including to make a complaint.
If Medical Australia collects personal information about an individual from someone else, Medical Australia will take reasonable steps to ensure that the individual is aware that Medical Australia has collected the information and of the above matters.
Medical Australia will only use or disclose this personal information for:
i. the purpose for which it was collected;
ii. any related purpose for which it would reasonably be expected to be used or disclosed;
iii. a purpose required or permitted by law; or
iv. a purpose for which the individual has provided consent.
Examples of instances where Medical Australia may disclose personal information about individuals to third parties include disclosure to providers of services to Medical Australia, government agencies, regulatory authorities, related bodies corporate of Medical Australia and professional advisers of Medical Australia. Medical Australia requires its service providers to keep the personal information confidential and not use it for any purpose other than performing those services.
Where the Privacy Act so permits Medical Australia may also disclose credit related information (in respect of commercial credit) to CRBs such as Veda or Dunn & Bradstreet, if it receives an application for commercial credit or a request to increase a commercial credit limit with Medical Australia.
Where Medical Australia collects information that it is likely to disclose to a CRB:
the CRBs may include that information in reports provided to Medical Australia to assist it to assess your creditworthiness;
if you fail to meet payment obligations in relation to commercial credit or commit a serious credit infringement, Medical Australia may be entitled to disclose this to the CRB;
Medical Australia will only disclose personal information to CRBs where Medical Australia is a member of a recognised External Dispute Resolution Scheme (‘EDR Scheme’). If Medical Australia discloses your personal information to CRBs, Medical Australia will provide you written notice prior to that disclosure, as well as the details of the recognised EDR Scheme.
Medical Australia does not disclose personal information for any secondary purposes without the relevant person’s consent or as required by law, and it does not sell or license any personal information that it collects.
Medical Australia is unlikely to disclose personal information to overseas recipients.
4. Security of Personal Information
Medical Australia will take reasonable steps to ensure that the personal information that it holds is protected from misuse, interference and loss and from unauthorised access, modification and disclosure.
Medical Australia will also take reasonable steps to ensure that personal information it holds that is no longer necessary for the disclosed purpose is destroyed or permanently de-identified, subject to any legal obligation to keep the personal information for any required period of time.
5. Access to, Updating and Correcting Personal Information
At the request of an individual, Medical Australia will, in most circumstances, provide access to an individual to any personal information that is being held by Medical Australia about that individual.
There are certain circumstances where Medical Australia will not provide an individual access to such personal information in accordance with the Act. These circumstances include where providing access would have an unreasonable impact on the privacy of others, where providing access would reveal commercially sensitive information about the organisation or where providing access would be unlawful.
An individual can seek access to, and update or correct, any personal information that is being held by Medical Australia about that individual by contacting us here.
6. Amendment of Policy
Medical Australia may amend this Policy from time to time.
7. Intranet and Website
This Policy as amended from time to time is to be placed on the Medical Australia intranet and website and is also available upon request.
9. Concerns, Queries and Complaints
If a person has any concern, query or complaint about:
i. any personal information that may have been collected, used or disclosed by Medical Australia;
iii. a breach of the Australian Privacy Principles,
they are to be referred to the Company Secretary/Chief Financial Officer.
Medical Australia takes complaints very seriously and will respond shortly after receiving written notice of the complaint. If a person is not satisfied with the outcome, then that person may contact the Office of the Australian Privacy Commissioner:
Office of the Australian Information Commissioner
Phone: 1300 363 992
Approved [28 June, 2016].