Privacy Policy

Medicus College will follow the ten National Privacy Principles (NPP) in the handling of personal information of students / employees.

NPP 1 – Collection

Collection of personal information must be fair, lawful and not intrusive. A person must be told the organisation’s name, the purpose of collection, any laws requiring the collection, the main consequences if all or part of the information is not provided, and that the person can get access to their personal information.

The organisation must collect personal information directly from the individual if it is reasonable and practicable to do so. An organisation which collects personal information about an individual from someone else must ensure that the individual is or has been made aware of the disclosure required above.

NPP 2 – Use & Disclosure

Medicus College should only use or disclose information for the purpose for which it was collected unless the person has consented, or the secondary purpose is related to the primary purpose and a person would reasonably expect such use or disclosure.

Where personal information (other than sensitive information) is used for the secondary purpose of direct marketing and it is not practicable to obtain consent, each direct marketing communication must provide the individual an opportunity of not receiving further direct marketing communication.

NPP 3 – Information Quality

Medicus College must take reasonable steps to make sure that the personal information it collects, uses or discloses is accurate, complete and up-to date.

NPP 4 – Data Security

Medicus College must take reasonable steps to protect the personal information it holds from misuse and loss and from unauthorised access, modification or disclosure.

NPP 5 – Openness

Medicus College must have a policy document outlining its information handling practices and make this available to anyone who requests it.

NPP 6 – Access and Correction

Generally speaking, Medicus College must give an individual access to personal information it holds about that individual on request.

NPP 7 – Identifiers

Generally speaking, Medicus College must not adopt, use or disclose an identifier that has been assigned by a Commonwealth government ‘agency’. For example, a tax file number or Medicare number.

NPP 8 – Anonymity

Medicus College must give people the option to interact anonymously whenever it is lawful and practicable to do. Generally speaking, a person cannot acquire financial services anonymously. However, a person could make a general enquiry (for example, about the policy coverage available) without giving his or her name.

NPP 9 – Transborder Data Flows

Medicus College can only transfer personal information to a recipient in a foreign country in circumstances where it is necessary to do so to complete an agreement with a person, or where the information will have appropriate protection, or the person has consented to the transfer.

NPP 10 – Sensitive Information

Medicus College must not collect sensitive information (for example, details of a person’s race, religion, sexual preferences or health) unless the individual has consented.