Human Resources Directorate

Similar documents
Privacy Policy PURPOSE SCOPE POLICY. Data Collection

DATA PROTECTION POLICY 2016

PRIVACY POLICY. Your Village Pty Ltd ABN ( Steam Capital ) is committed to protecting your privacy.

Privacy Policy - RevTech Media Pty Ltd ABN Who we are

PRIVACY POLICY GENERAL

Data Protection Policy

DISCRIMINATION, BULLYING AND HARASSMENT PREVENTION PROCEDURES

Amendments to Part II of the Canada Labour Code. September 17, 2014

Why does AM collect personal information?

FACILITIES: YOUR RIGHTS

Dignity at Work Procedure

Grievance Policy/Procedure

SUPPLY NETWORK GROUP PRIVACY POLICY

Code of Conduct Policy

Data Protection Policy for the Grimsby Institute of Further & Higher Education

Grievance Procedures for Support Staff

General Optical Council. Data Protection Policy

Equality & Diversity Policy

PRIVACY POLICY WHAT IS PERSONAL INFORMATION AND WHAT KINDS OF PERSONAL INFORMATION DOES ADECCO COLLECT?

Code of Conduct INTRODUCTION

Sprowston Community High School. Whistleblowing Policy

Data Protection Policy

Highbury Grove School Disciplinary Procedure

Fairness at Work (Grievance Policy & Procedure)

Humber Information Sharing Charter

POLICY. Descriptors : 1) Conduct 2) Behaviour 3) Ethics 4) Rules

Main Statement of Terms and Conditions of Employment

EQUALITY AND DIVERSITY POLICY

Information Collection & Privacy Policy

COMMANDER GROUP PRIVACY POLICY

The UK legislation is wholly retrospective and applies to all information held by public authorities regardless of its date.

University-wide. Staff Only Students Only Staff and Students. Vice-Chancellor. Chief Operating Officer. Director, Human Resources

Whole School Model Disciplinary Procedure

Data Protection Employee Privacy Notice

MTA EMPLOYMENT RELATIONS FACT SHEET

Discipline Policy and Procedure. Adopted by the Trust Board on 6 December 2016

The current version (July 2018) is derived from, and supersedes, the version published in February 2017 and earlier versions.

DISCIPLINARY POLICY. Page 1 of 14 Date: 11/2014. PE06 Revision: 1

Grievance Policy and Procedure

Privacy Collection Notification & Consent to Electronic Transactions. Managed Recruitment Services for University of Canberra.

Archway Academy Independent School ARCHWAY ACADEMY INDEPENDENT SCHOOL DISCIPLINARY AND GRIEVANCE PROCEDURES. 24/10/14- Last Updated 15/12/16 1

UNIVERSITY OF ESSEX ACADEMIC STAFF

Privacy Policy and Disclosure Statement

Data Protection Policy.

Discipline and Dismissal Policy

SICKNESS ABSENCE POLICY

Customer Advocacy. Complaints Management Policy

INDUSTRIAL RELATIONS ACT CODE OF GOOD PRACTICE: RESOLUTION OF DISPUTES AT THE WORKPLACE

Disciplinary, Dismissal and Grievance Procedures. The following general principles will apply to the Disciplinary, Dismissal and Grievance Procedures

Privacy Policy 1. Introduction 2. What personal information does Paperless Warehousing collect and why?

DISCIPLINE (Ordinance Procedure)

SARH: Disciplinary Policy

Disciplinary and Dismissal Procedure

GENTING MALAYSIA BERHAD (58019-U) CODE OF CONDUCT AND ETHICS

Data Protection Policy

Standard Operating Procedure

Elections Ontario Privacy Policy

Policy Number G9 Effective Date: 25/05/2017 Version: 1 Review Date: 25/05/2018

Health & Wellbeing Framework. Absence Management Policy

Disciplinary Policy & Procedure

St Mark s Church of England Academy Data Protection Policy

DIOMED DEVELOPMENTS LIMITED DATA PRIVACY NOTICE FOR APPLICANTS

POLICY ON TRADE UNION RECOGNITION AND FACILITIES AND TIME OFF FOR TRADE UNION REPRESENTATIVES

Data Management and Protection Policy

Data protection privacy notice (Job Applicants)

STAG LANE INFANT SCHOOL AND STAG LANE JUNIOR SCHOOL STAFF DISCIPLINE, CONDUCT AND GRIEVANCE PROCEDURES

University of Suffolk. Privacy Information Notice for Employees and other Workers

Privacy Impact Assessment Template

Data Protection/ Information Security Policy

THE UNIVERSITY OF NEW SOUTH WALES AUSTRALIAN WORKPLACE AGREEMENT. Senior General Staff Level UNSW SYDNEY 2052 AUSTRALIA

University-wide. Staff Only Students Only Staff and Students

Disciplinary Policy and Procedure. Chair of Governors. Executive Headteacher

Prevention and Management of Workplace Bullying Policy

FACILITIES AGREEMENT Trade Unions & Professional Organisations

DATA PROTECTION POLICY

CAPABILITY AND PERFORMANCE POLICY

DATA PROTECTION POLICY

Revised Disciplinary Policy. Revised May 2017

EDWARDS COMMERCIAL CLEANING SERVICES LTD and EDWARDS COMMERCIAL CLEANING (NORTH) LTD Data Protection Policy for Employees, Workers and Consultants

Prince Edward Island

Schools Disciplinary Policy & Procedure

Privacy Impact Assessment Template

AMA SKILLS TRAINING. PRIVACY Policy & Procedure

Sandymoor School Staff Code of Conduct and Disciplinary Procedures Policy

Privacy Policy of Townsville Motor Boat & Yacht Club Limited - Liquor Licence Number 84145

Data Protection Policy

Speedy Group Policy Part of: Group Policies & Procedures

Privacy Policy of Brothers Leagues Club Ipswich Inc. Community Club Licence No

Nationwide Services Group Limited. Equality & Diversity

The Committee of Ministers, under the terms of Article 15.b of the Statute of the Council of Europe,

Little Gaddesden C. of E. Primary School

DATA PROTECTION POLICY

WHISTLEBLOWING POLICY FOR STAFF

It is our policy to provide employment equality to all, irrespective of:

University-wide. Staff Only Students Only Staff and Students. Vice-Chancellor. Director, Human Resources

University-wide. Staff Only Students Only Staff and Students. Vice-Chancellor. Director, Human Resources

Information Governance Clauses Clinical and Non Clinical Contracts

Sefton Carers Centre

Whistleblowing Policy and Procedure

WHISTLEBLOWING POLICY AND PROCEDURE

Transcription:

Name of Policy Employee Records Privacy Policy Description of Policy New Policy Revision Description of Revision Human Resources Directorate Policy and Revision Number Original Effective Date Review Due Date Revision Effective Date Senate Approval Date Vice Chancellor s Approval Date June 2008

Table of Contents 1. Policy Purpose...2 2. Employee Record Defined... 2 3. Policy Provisions... 2 4. Policy Review... 6 5. Further Assistance... 6 Employee Records Privacy Policy - June 2008 1

1. Policy Purpose The purpose of the privacy policy is to protect private information about individuals and to ensure that the University conforms with the Privacy Amendment (Private Sector) Act 2000, and the National Privacy Principles of the Act. 2. Employee Record Defined An employee record is a record of personal information either conventional or in electronic format relating to the employment of a staff member. The record comprises information about employment, including health, recruitment and selection, terms and conditions of employment, performance, discipline, and resignation. Employees records are confidential and kept in locked storage. Employee records are exempt records from the provisions of the Privacy Amendment (Private Sector) Act 2000. The formal employee record exists within Human Resources. 3. Policy Provisions 3.1 Collection of Information Personal information must only be collected for purposes necessary to the functions and activities of the University. These include: Selection, employment, appraisal, discipline, remuneration of staff, and University administrative activities. Personal information must only be collected by means that are permissible by law. When personal information is collected by the University, the University must clearly state: the fact that the information is being collected; the purposes for which the information is being collected; the intended recipients of the information; whether the supply of the information by the individual is required by law or is voluntary, and any consequences for the individual if the information is not provided; and, the existence of any right of access to, and correction of, the information. When the University collects personal information from a staff member, the University must take such steps as are reasonable in the circumstances (having regard to the purposes for which the information is collected) to ensure that: the information collected is relevant to that purpose, is not excessive, and is accurate, up to date and complete; and, the collection of the information does not intrude to an unreasonable extent on the personal affairs of the staff member to whom the information relates. Where reasonably possible, the University will only collect personal information directly from the staff member to whom the information relates. Frequently this will be collected from official University forms but it may also be collected from email, letters or other forms of communication. However, the staff member may authorise the collection of Employee Records Privacy Policy - June 2008 2

information from a third party or, in the case of a person under the age of 16, authorisation may be given by a parent or guardian of that person. If the University collects personal information about a staff member from a third party, reasonable steps must be taken to ensure that the staff member is or has been made aware of the collection and the reason for the collection. The University will employ best practice in soliciting or collecting information from individuals using electronic forms or e-mail. The risks associated with using the Internet as a transmission medium will be made clear and the individual will be notified of any other options available for providing the information required. 3.2 Use of Information The University must not use the information for a purpose other than that for which it was collected unless: the staff member to whom the information relates has consented to the use of the information for that other purpose; the other purpose for which the information is used is directly related to the purpose for which the information was collected; the use of the information for that other purpose is necessary to prevent or lessen a serious and imminent threat to the life or health of the individual to whom the information relates or of another person; or, if so directed by a court of law. If the University uses or discloses personal information (authorised above), it must make a written note of the use of disclosure and of the reason for its disclosure. 3.3 Access to information Current and previous staff members are entitled to know whether personal information about them is held by the University, the nature of the information, the main purposes for which it is used and their entitlements to gain access to it. Access to personal information includes opportunity for the staff member to inspect records, take notes or obtain a photocopy or computer print out however, this must be in the presence of a representative from Human Resources. Access for the Individual The University will provide the staff member access to their personal employee record upon written request by the staff member, except: in the case of personal information, other than health information, providing access would pose a serious and imminent threat to the life or health of any staff member; providing access would have an unreasonable impact upon the privacy of other staff members; the request for access is frivolous or vexatious; providing access would reveal the intentions of the organisation in relation to negotiations with the staff member in such a way as to prejudice those negotiations; providing access would be likely to prejudice an investigation of possible unlawful activity; denying access is required or authorised by or under law; and, Employee Records Privacy Policy - June 2008 3

providing access would be likely to prejudice the outcome of an internal investigation. Access to employee records is provided to the staff member, nominated supervisor or Executive Team member for positions in their line of responsibility. If the University is not required to provide the staff member with access to the information because of one or more of (the above) reasons, the University must, if reasonable, consider whether the use of mutually agreed intermediaries would allow sufficient access to meet the needs of both parties. Access for others The University will not disclose personal information to anyone or any organisation, unless: the disclosure is related to the purpose for which the information was collected. There must be no reason to believe that the staff member concerned would object to the release of the information; the staff member concerned was reasonably likely to have been aware, or had been notified, that the personal information is usually disclosed to the person or agency; the disclosure is necessary to prevent or lessen a serious and imminent threat to life or health of any person; in relation to some investigations and law enforcement process; and, where legislation recognises lawful access by some government agencies. The University must provide reasons for denial of access or a refusal to correct personal information. 3.4 Provision of Information The University will respond to a staff member's written and signed request for their personal information as soon as practicable. The time taken to respond to a staff member's request for access may be influenced by various factors. These may include the method of communication, the type or amount of personal information requested, how the personal information is held, if a third party needs to be consulted and how it is to be provided to the individual making the request. 3.5 Access and Law Enforcement Police Requests for information from the police will not be accepted over the telephone. Members of staff receiving written requests for personal information from law enforcement agencies must direct the inquirer to the Deputy Vice-Chancellor, Administration and Resources or Delegate. This procedure does not apply in cases where there is an imminent threat to life or safety. However even then reasonable attempts should be made to discuss the matter with the Deputy Vice-Chancellor, Administration and Resources or Delegate. In most other circumstances it may be assumed that the University will require the issuing of a search warrant or subpoena. Records of all requests and disclosures of personal information to the law enforcement agencies will be kept on the appropriate file maintained by Human Relations. Government Employee Records Privacy Policy - June 2008 4

Departments such as Social Security, Immigration and Ethnic Affairs, Taxation and ASIO sometimes have a lawful need to access personal information held by the University. Where this need exists it is recognised in the legislation which establishes the departments and regulates their functions. While the University wishes to be cooperative with the Commonwealth, it has a duty to its staff. Therefore, any Commonwealth Department requiring personal information should be informed that the University will supply personal information only in response to a formal notice under the Department's legislation. Subpoenas and court orders The personal information held by the University is often required as evidence in court and tribunal proceedings. These may be matters which do not involve the University, or litigation to which the University is joined as a party. For all matters, the Proper Officer to be named in subpoenas and other orders is the Deputy Vice-Chancellor, Administration and Resources or delegate. Subpoenas received by the University must be directed to the office of the Deputy Vice-Chancellor, Administration and Resources and if necessary, will then be directed to the University Solicitor. 3.6 Security The University will take reasonable steps to protect the personal information it holds from misuse and loss and from unauthorised access, modification or disclosure. The University must approve the use of personal computers in the workplace or for the copying or transferring of personal information onto personal computers. At the time of separation from the University, the University will take all appropriate steps to identify personal information stored on personal computers and direct and supervise the removal of personal information. 3.7 Communication The Employee Records Privacy Policy will be distributed to all existing staff and new staff of the University. 3.8 Breach of the Privacy Policy The Privacy Policy is designed to promote and enhance the confidentiality of ACU staff in the workplace. A failure to comply with this policy will be viewed seriously and may, in line with the enterprise agreement(s) in place at the time, result in disciplinary action, including dismissal. Staff must report breaches of this policy to the Deputy Vice-Chancellor, Administration and Resources or Delegate, who is responsible for the application of legislation. The University will use its utmost endeavours to protect staff who, in good faith and with good grounds, report breaches of the privacy policy. 3.9 Grievances Any grievance arising from the application of these arrangements shall be managed using the grievance management process foreshadowed in the ACU Staff Enterprise Agreement. In the interim, any unresolved issue should be raised in the first instance with the relevant supervisor. If the nominated supervisor is unable to resolve the matter, it may be referred to the relevant Executive Team member. Employee Records Privacy Policy - June 2008 5

4. Policy Review The University may make changes to this policy from time to time to improve the effectiveness of its operation. In this regard, any staff member who wishes to make any comments about this Policy may forward their suggestions to the Director, Human Resources. 5. Further Assistance Any staff member who requires assistance in understanding this policy should consult her/his nominated supervisor who is responsible for the implementation and operation of these arrangements in her/his work area. Should further advice be needed, she/he should contact the Human Resources Consultant responsible for their campus. Employee Records Privacy Policy - June 2008 6

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback