Sandringham College

College

Privacy Policy

1. Rationale

All staff of Sandringham College are required by law to protect the personal and health information the School collects and holds.

The Victorian privacy laws, the Information Privacy Act 2000 and Health Records Act 2001, provide for the protection of personal and health information.

The privacy laws do not replace any existing obligations Sandringham has under other laws. Essentially this policy will apply when other laws do not regulate the use of personal information.

Definitions

Personal information means information or opinion that is recorded in any form and whether true or not, about an individual whose identity is apparent, or can be reasonable be determined from the information or opinion. For example this includes all paper and electronic records, photographs and video recordings.

Health information is defined as including information or opinion about a person's physical, mental or psychological health, or disability, which is also classified as personal information. This includes information or opinion about a person's health status and medical history, whether recorded or not.

Sensitive information is defined as information relating to a person's racial or ethnic origin, political opinions, religion, trade union, or other professional, or trade association membership, sexual preferences, or criminal record that is also classified as personal information about an individual.

In this policy personal information refers to personal information, health information and sensitive information unless otherwise specified.

Parent in this policy in relation to a child, includes step parent, an adoptive parent, a foster parent, guardian, or a person who has custody or daily care and control of the child.

Staff in this policy is defined as someone who carries out a duty on behalf of the School, paid or unpaid, or who is contracted to, or directly employed by the School or the Department of Education and Early Childhood Development (DEECD). Information provided to a School through job applications is also considered staff information.

2. Aims

To collect, handle, use, store and disclose personal and health information of staff and students in a manner compliant with the Health Records Act 2001 and the Information Privacy Act 2000. Personal Information is collected and used by Sandringham College to:

  • provide services or to carry out the School statutory functions;
  • assist the School services and its staff to fulfil its duty of care to students;
  • plan, resource, monitor and evaluate School services and functions;
  • comply with DEECD reporting requirements;
  • comply with statutory and or other legal obligations in respect of staff;
  • investigate incidents or defend any legal claims against the School, its services or its staff;
  • comply with laws that impose specific obligations regarding the handling of personal information.

3. Implementation

  • 3.1 All staff at Sandringham College will be provided with up to date professional development in relation to Privacy, will be provided with and made aware of Department of Education and Early Childhood (DEECD) Privacy guidelines and other information as it becomes available, and will made aware of, and reminded of their individual and our collective duty of care regarding Privacy as required.
  • 3.4 The 'Privacy: Protecting Information' posters will be prominently displayed about the school.
  • 3.5 While Privacy legislation is detailed, practising privacy involves:
    • Collecting only information the school needs
    • Informing people why you need the information and how we will use it
    • Disclosing only the information that is necessary for the purpose of the service
    • Accessing providing people with access to their own records
    • Securing information against unauthorised use or disclosure.
  • 3.6 All information collected at our school (including enrolment, excursion and medical permission forms etc) will be subjected to the above principles.
  • 3.7 All collected information at our school will be retained in either the fireproof safe (in the case of staff), or in the secure compactus storage in the office as appropriate, or either disposed of or transferred to the Public Record Office of Victoria after use consistent with the Public Record Office Standard (PROS) 01/01.
  • 3.8 All relevant information and records relating to students (eg: enrolment forms, consent forms, assessments, psychological reports, academic reports etc) will all be retained in secure compactus storage in the office.
  • 3.9 All electronic data will be maintained, stored and transmitted in accordance with DEECD requirements and expectations.
  • 3.10 All records will be maintained and kept up to date by office administration staff.
  • 3.11 A parent, student or staff member may seek access to their personal information, provided by them, that is held by the College. Access to other information maybe restricted according to the requirements of laws that cover the management of school records. These include the Public Records Act and the Freedom of Information Act.
  • 3.12 The School can disclose personal information for another purpose when:
    • the person consents, or;
    • it is necessary to lessen or prevent a serious or imminent threat to life, health or safety or;
    • it is required by law or for law enforcement purposes.
    Where consent for the use and disclosure of personal information is required, the school will seek consent from the appropriate person. In the case of a student's personal information, the school will seek the consent from the student and/ or parent depending on the circumstances and the student's mental ability and maturity to understand the consequences of the proposed use and disclosure.
  • 3.13 The College aims to keep personal information it holds accurate, complete and up-to-date. A person may update their personal information by contacting the College Business Manager or Campus Principal.
  • 3.14 School staff and students have use of information communication technologies (ICT) provided by the School. This use is directed by:
    • DEECD's Acceptable Use policy for Internet, email, and other electronic communications;
    • DEECD's IT Security Policy;
    • Sandringham College Cybersafety Policy.
  • 3.15 Should the school receive a complaint about personal information privacy this will be investigated in accordance with DEECD's Privacy Complaints Handling Policy.

4. Evaluation

To be reviewed as required by developments in relevant legislation or DEECD requirements and guidelines.

5. Links

https://www.eduweb.vic.gov.au/privacy/
https://www.eduweb.vic.gov.au/edulibrary/Schools/Privacy/

Privacy Bulletins:

https://www.eduweb.vic.gov.au/privacy/resources.htm
https://www.eduweb.vic.gov.au/edulibrary/Schools/Circulars/2005/

This policy was ratified at the College Council Meeting held at 7.15 pm on the 18th day of May 2009.