Queensland's privacy regime is set out in the Information Privacy Act 2009 (IP Act).
Under the IP Act, the University is legally required to comply with the Information Privacy Principles (IPPs), which are set out in Schedule 3 to the Act. The IPPs cover the collection, storage, use, disclosure and access obligations of agencies. Under the IP Act, agencies are required to take reasonable steps to protect the personal information they hold from misuse and loss and from unathorised access, modification or disclosure.
The University is committed to the objectives of the IP Act and has implemented the Privacy Management policy (PPL 1.60.02) that is based on the following principles:
- the University supports responsible and transparent handling of personal information;
- the University respects an individual's right to know how his or her personal information will be collected, used, disclosed, stored and disposed of; and
- adequate privacy protection is a necessary condition for the University to participate in e-communications and e-transactions.
Privacy Management section
Privacy inquiries
The Right to Information and Privacy Office can assist with any inquiries regarding privacy at The University of Queensland.
Right to Information and Privacy Office Level 4 JD Story Building Phone: 3443 1148 Email: rtip@uq.edu.au Also, refer to the Frequently Asked Questions - Privacy Management.
Grievance Procedure
Making a complaint about breach of privacy
If you believe that the University or one of its officers has breached your privacy when handling your personal information, you are entitled to make a privacy complaint. Your complaint should be lodged through the Complaints Management process. Please note that you cannot make a complaint that the University has breached another person’s privacy unless that person has appointed you as his or her agent. Before lodging a privacy complaint, you are encouraged to contact the Right to Information and Privacy Office to discuss your concerns.
Within 14 days of your complaint being received, the Right to Information and Privacy Office will write to you acknowledging your complaint and providing details of how the complaint will be investigated. You will be notified once the investigation is complete.
Within 45 days from day you lodge your complaint with the University, you will be notified in writing of:
- the findings of the investigation (and the reasons for those findings), and
- the action proposed to be taken by the University (and the reasons for taking that action), and
- your right to apply to the Information Commissioner if you are not satisfied with the outcome.
If you are not notified within 45 days or are not satisfied with University’s investigation, you may apply to the Information Commissioner for your complaint to be mediated. If your complaint is not suitable to be mediated or you are not satisfied with the mediation, you may ask the Information Commissioner to refer your complaint to the Qld Civil and Administration Tribunal (QCAT) for a review of the conduct that was the subject of your complaint.
Privacy - Resources
For further information on Privacy, refer to the following publications:
The following websites contain additional information relating to Privacy:
- Office of the Information Commissioner
- The Australian Information Commissioner
- NSW Privacy Commissioner
- Victorian Privacy Commissioner
Resources:
- Privacy at UQ (privacy online module - log into Blackboard, select UQ Workplace Inductions and OH&S Training, select learning modules)
- Counter Sign
- Guideline - Collection Statements
- Privacy Checklist for Staff
Personal Information Register
- Student records;
- Staff records;
- Financial and business records;
- Information technology systems personal information;
- Human research participant personal information; and
- Community links.
The records are maintained for periods controlled by the General Retention and Disposal Schedule for Queensland Universities issued under the authority of the Queensland State Archivist under section 13 of the Public Records Act 2002. The procedures by which individuals may obtain access to information about them are outlined in the University Policy (PPL 1.60.02) Privacy Management.
University records relating to students
- Personal details, including date of birth, postal and permanent home addresses, and emergency contacts;
- Equity group membership and educational background;
- Admission, enrolment course progress and attendance;
- Examinations and assessment (including grades);
- Discipline and misconduct incidents;
- Fees and charges and/or HECS-HELP or FEE-HELP statements (including tax file numbers);
- Practicum’s and industrial or clinical placements;
- Use of student support services in areas such as health, disability, learning assistance, personal and careers counselling; student complaints and grievances; and appeals;
- Prizes, scholarships, grants and student assistance;
- Library borrowing records;
- Graduation records and employment outcomes;
- Immunisation status and first aid qualifications for students in specified courses;
- Membership of University, Faculty and School committees.
- Recruitment – position applications, records of selection processes, records of employment checks, evidence of previous qualifications;
- Attendance and leave for full-time, part-time and casual staff;
- Personal details including date of birth, home address, telephone number, email addresses and emergency contacts;
- Visa documentation as required;
- Salary and payroll including bank details, tax file number, salary packaging and benefits;
- Superannuation;
- Personnel development and training;
- Performance planning and management, including teaching performance evaluations for academic staff;
- Staff health and safety including, where relevant, accidents/injuries, vaccination status, details of first aid certificates held, compensation and rehabilitation arrangements;
- Staff welfare such as staff study assistance;
- Grievances and complaints, industrial issues and other matters affecting individual staff members;
- Staff equity;
- Promotion for academic staff;
- Library borrowing and use of UQ services;
- Visiting researchers, adjunct staff, and other individuals providing voluntary services to UQ;
- Grants, awards, honours and recognition schemes for staff;
- Staff research output and publications;
- Staff participation in external and commercial consultancies;
- Official staff travel; and
- Membership on University, Faculty and School committees.
- records of accounts payable or receivable, including the names of creditors and debtors of the University;
- customer records of business operations, such as UQ Press;
- job tracking systems for service providers within the University;
- lists of contractors providing professional services in the building and project management areas; and
- tender documents.
- Mailing lists for members of the professions and users of other UQ facilities;
- Records of supporters and alumni;
- Records for continuing professional education participants; and
- Patient records for clients of UQ Clinics.