Queensland's privacy regime is set out in the Information Privacy Act 2009 (IP Act).
Under the IP Act, the University is legally required to comply with the Information Privacy Principles (IPPs), which are set out in Schedule 3 to the Act. The IPPs cover the collection, storage, use, disclosure and access obligations of agencies. Under the IP Act, agencies are required to take reasonable steps to protect the personal information they hold from misuse and loss and from unathorised access, modification or disclosure.
The University is committed to the objectives of the IP Act and has implemented the Privacy Management policy (PPL 1.60.02) that is based on the following principles:
- the University supports responsible and transparent handling of personal information;
- the University respects an individual's right to know how his or her personal information will be collected, used, disclosed, stored and disposed of; and
- adequate privacy protection is a necessary condition for the University to participate in e-communications and e-transactions.