Campus Bible Study Policy on Handling and Use of Private Information
Revision 5 Dated 14 January 2011
Campus Bible Study involves the ministry of the Anglican Parish of Unichurch (UNSW) and the ministry of the Anglican Chaplain at UNSW. It includes (but is not limited to) the ministry of the The Bible Talks (TBT), the Unichurch congregation and the Fellowship of Overseas Christian University Students (FOCUS). For the remainder of this document the term “University Ministries” will be used to describe these interrelated ministries.
Commonwealth Government privacy legislation which came into effect on 21 December 2001 extended the operation of the Privacy Act 1988 to cover the operation of private sector organisations. Small Businesses (those with an annual turnover of $3million or less in the previous financial year) are exempt from the legislation. As a result, the University Ministries as well as all other individual churches within the diocese of Sydney are currently exempt from the legislation.
However, the University Ministries intends, as far as possible, to comply with the legislation. Accordingly the following is the University Ministries policy on the handling of all private and personal information.
Your privacy is important to us. The following statement outlines the University Ministries policy on how we manage the personal information we hold about our members and friends. It is the University Ministries policy to respect the confidentiality of information and the privacy of individuals.
We are committed about being open about how we use personal information. Where our documents ask for personal information, we will generally state the purpose for its use and to whom it may be disclosed.
Purpose of Collecting Information
The University Ministries are committed to helping those whom they come in contact with understand the Christian gospel, as described in the Bible. This assistance will take place in the context of personal relationships and may extend over many years. We would hope that where possible a continuing association between our members and friends takes place even after they have left the University context. As such, personal information about people who are involved with and attend the activities of the University Ministries is collected primarily for the purpose of maintaining contact with people in order to minister to them effectively.
What Information is Held?
Because of the nature of the ministries provided, we ask for a range of personal information. The type of information we may collect can include (but is not limited to):
- contact details, and
- the type, name and date of meeting attended.
We obtain most of this information directly from our members or friends through response slips and from maintaining records of information provided in the course of ongoing ministry. This information may be collected at public meetings, smaller group meetings, from responses to our communication to you, or from other public sources.
Given that we are dealing with large numbers of members and friends and as we need to identify you within our record keeping, we may seek to collect a piece of personal information from you that is in some way unique to yourself. Under the Privacy Principles (as listed in the following attachment) this will not be any Commonwealth Government identifiers (e.g. Medicare number).We may seek to ask you for only the day and month of your birth. This will help us keep your records unique from other members, especially if we have members with similar names, and no current address information.
If an individual makes a financial payment to the University Ministries then other information such as bank account details and credit card information may need to be collected. We will always endeavour to provide a mechanism whereby the individual will be able to give anonymously. However in some cases if payment information is not provided, then such a payment may not be able to be correctly carried out.
At some of our activities we may ask for sensitive information to be collected. For more details see the section entitled “Sensitive Information is subject to greater restrictions”.
How do we use this information and whom may we disclose it to?
While we may send you information regarding the activities of the University Ministries from time to time that we think may be useful to you, we are conscious of the need to respect your privacy. We will not disclose information regarding you to another organization without your prior consent.
The personal information you give to us may be made available to the University Ministries pastoral staff, trainee staff, employees and senior leaders at the discretion of the relevant staff members. This is in keeping with our stated purpose for the collection of the information.
From time to time a listing of church members may be produced that is intended for distribution to members and friends of the University Ministries. In this event we will produce a separate application form to collect information for such a list. This form will include (but is not limited to):
- the nature of the information being collected
- the purpose of the collection
- the nature of the distribution of the list
- an avenue for people to not have their information listed.
Sensitive Information is subject to greater restrictions
Some personal information we hold is “sensitive”. Sensitive information relates to a person’s:
- racial or ethnic origin
- membership of political bodies, religions or trade unions
- sexual preferences or activities
- criminal record
- state of health
- medical history.
Racial or ethnic origin
The form of information collected may include country of origin or ethnicity
Membership of political bodies, religions or trade unions
The form of information collected will be restricted to the denomination, location and name of the church that the individual may attend.
State of health, medical history
On occasions we may seek to collect this information, when we consider that the collection is necessary to prevent or lessen a serious and imminent threat to life or health of an individual. This would particularly apply when we are dealing with children who for a stated and agreed reason will be absent from their parents and under our care. In such a case, a separate form will be provided for the collection of such information. This form will include (but is not limited to):
- the nature of the sensitive information being collected
- the purpose of the collection
- how the information will be stored and used
- how long the information will be stored for
- an avenue for people to not have their information collected – and the consequences of us not being able to collect such information
During the course of collecting and processing information for the Working with Children Check (under the Child Protection Act) it may be made apparent that an individual has a criminal record. This information will only be held as according to the guidelines set down in the Child Protection Act. Under circumstances other than the collection of information pertaining to the Child protection Act sensitive information regarding criminal records will not be collected.
We will not be seeking to collect information regarding membership of political bodies, trade unions, or information regarding sexual preferences or activities.
Management of personal information
The University Ministries seeks to train its pastoral staff, trainee staff and employees who handle personal information to respect the confidentiality of members‟ information and the privacy of individuals. The University Ministries regards breaches of your privacy very seriously. We have appointed a Privacy Officer to ensure that the management of your personal information is in accordance with this statement.
Safeguarding the privacy of your information is important to us, whether you interact with us personally, by phone, mail, over the internet, or other electronic media. We hold personal information in a combination of secure computer storage facilities and paper based files and other records, and take steps to protect the personal information we hold from misuse, loss, unauthorised access, modification or disclosure.
We may need to maintain records for a significant period of time. However, when we consider information is no longer needed, we will remove any details that will identify you or we will securely destroy the records regarding you.
The University Ministries endeavour to ensure that the personal information it holds is accurate and up-to-date. We realize that this information changes frequently with changes of address and other personal circumstances. We can update your information over the telephone, via email or by physically mailing a letter with your request.
Request/s to View and Make Amendments
Any individual can at any time view or amend the information that is held on them by the University Ministries. Requests to view or amend personal information can be made by contacting our office via phone on (02) 9697 9451 or via email on firstname.lastname@example.org.
Jasmine Tavitian Assistant Administrator, Anglican Parish of Unichurch (UNSW)
Summary of National Privacy Principles
(for more information see www.privacy.gov.au for full details of the Privacy Act)
1.1 An organisation should generally collect only the personal information it needs for its legitimate functions and activities. The organisation should collect the information in a fair and lawful way.
1.2 Where reasonably practicable an organisation should collect personal information directly from the individual. The organisation should usually take reasonable steps, when collecting information, to ensure that the individual knows why the information is being collected, who the information will be given to and how the information will be used or disclosed, as well as how to contact the organisation and that the individual may access the information. This is the case whether the organisation collects personal information from the individual or from someone else.
1.3 An organisation should usually ensure it has the consent of the individual to collect sensitive information. Sensitive information is information or an opinion about a person’s:
- religious or philosophical beliefs and affiliations
- racial or ethnic origin
- political opinions or membership of a political association
- membership of professional or trade associations or a trade union
- sexual preferences or practices
- criminal record, or
2. Use and disclosure
An organisation should usually only use or disclose personal information for:
- the primary purpose for which it was collected
- a related purpose which the individual would reasonably expect, or
- with consent.
3. Data quality
An organisation should take reasonable steps to introduce systems to ensure that personal information it holds is accurate, current and complete.
4. Data security
4.1 An organisation should implement measures to protect personal information from misuse, loss and unauthorized access, changes or disclosure.
4.2 An organisation should usually destroy or permanently de-identify personal information when the organisation no longer needs it.
An organisation should be open about how it manages personal information. If asked, an organisation should provide information about its approach to privacy.
6. Accessing and correcting personal information
6.1 Usually, when asked, an organisation should give an individual access to their personal information unless there is a reason why the organisation cannot do so. An organisation may deny a request for access if it reasonably believes any of the following circumstances apply:
- it would pose a serious and imminent threat to the life or health of any person, or if health information, would pose a serious threat to the life or health of any person,
- the privacy of others would be unreasonably affected
- the request is frivolous or vexatious
- the information relates to existing or anticipated legal proceedings with the person who is the subject of the information and would not be accessible in those proceedings
- providing access would prejudice negotiations with the person who is the subject of the information by revealing the organisation’s intentions regarding those negotiations
- providing access would be unlawful or denying access is required or authorised by law
- providing access would be likely to prejudice an investigation of possible unlawful activity
- providing access would be likely to prejudice law enforcement, public revenue protection, prevention and remedying of seriously improper conduct, or preparation or conduct of court or tribunal proceedings, either by or on behalf of an enforcement body
- an enforcement body performing a lawful security function requests denial of access to protect national security, and
- where evaluative information generated by the organisation in making a commercially sensitive decision would be revealed by providing access. In this situation the organisation may provide an explanation for the commercially sensitive decision instead.
6.2 The organisation should usually correct personal information if the individual to whom it relates can establish that the information is not accurate, current and complete.
6.3 An organisation should not impose an excessive charge for access by an individual to their personal information.
An organisation should generally not adopt, use or disclose Commonwealth government identifiers unless specifically permitted to do so. Identifiers include tax file numbers or social security numbers, but not an ABN.
If reasonably possible, an organisation should give others the option of dealing with it anonymously.
9. Transborder data flows
An organisation should generally obtain consent to transfer information overseas unless otherwise permitted to do so.
10. Sensitive information
An organisation should generally obtain consent to collect sensitive information unless otherwise permitted to do so.