Background and information on the RMIT privacy policy

Background and purpose

The Information Privacy Act 2000 of the State of Victoria sets out Information Privacy Principles which must be observed by organisations such as the University that hold personal information. The section of this policy headed privacy principles incorporates those Information Privacy Principles. The University’s rights and obligations with respect to personal information as set out in this policy are based on those Principles.

The RMIT privacy policy is intended to assure compliance with relevant privacy legislation and to establish principles of transparency and fairness for the management of personal information at RMIT.

It is intended:

• to guide staff in the responsible collection and handling of personal information by the University.
• to give individuals the right to access information about them which is held by the University and to correct any errors in that information.
• to establish a complaints procedure for investigation and rectification of breaches of this policy.

Scope and responsibility

This policy covers the management of all personal information at RMIT.

For the purposes of this policy “personal information” means: information or an opinion (including information or an opinion forming part of a database), that is recorded in any form and whether true or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.

Where personal information is also “health information” then under the Health Records Act 2001 of the State of Victoria, persons to whom this policy applies must also comply with the Health Privacy Principles (“HPPs”) under that act, together with any guidelines issued from time to time by the Health Services Commission. The provisions of this Policy will also apply to health information except to the extent that they may be inconsistent with the HPPs.

This Policy must be observed by all University staff, consultants, external contractors and students who have access to personal information held by the University. To assist those who are managing students’ personal information, there are Guidelines for Managing Students' Personal Information on Agenda Papers and Minutes associated with this policy for managing agenda papers and minutes of meetings where students’ standing or progress is discussed.