Privacy Statement
Privacy Statement
Welcome to CPD Essentials. This privacy statement explains data collection and use practices of the CPD essentials Online Educational CPD Activities.
Binding Nature
By accessing and using this site, you agree and consent to the collection, use and disclosure of your personal information as outlined in this privacy statement.
Scius Healthcare Solution Pty Ltd (Scius) has adopted this Privacy Policy with respect to its collection, use, storage and disclosure of information about individuals.
Scius is committed to protecting the privacy of any personal information of all the individuals it deals with in accordance with laws that apply to Scius.
However, users are advised that there are inherent risks in transmitting information across the internet. This document sets out our policies on handling personal information collected through this website.
In general, we do not collect personal information about you when you visit our website. You can visit our site without telling us who you are or revealing other personally identifiable information. The information we receive depends upon what you do when visiting our site. Personally identifiable information about you is collected only when you knowingly and voluntarily submit it to us, such as when you register for our educational website or have your attendance recorded when you attend one of our conferences or seminars.
If you do not provide us with any of the personal information which we ask you for, it may affect our ability to meet our obligations to you and/or may mean that we do not grant you access to the parts of this website or any related services which are restricted to those who have registered for our website.
Scius welcomes your feedback. If you have any questions in relation to privacy, please contact us at info@scius.com.au or (02) 9958 1481.
Sponsor
The CPD activities on CPD Essentials are sponsored by a number of companies. Scius may disclose personal information collected from this Site to the Sponsors. This information may be used that to: (a) evaluate and monitor (i) the Sponsored education program; and (ii) your experience with the program; and (b) if you have ticked the box, contact you about its products and services.
For information about the privacy policy of the Sponsors of a specific CPD activity please visit the website of the Sponsor.
1. COLLECTION
1.1. Scius will only collect personal information or data that is necessary, adequate, relevant and limited to what is necessary in relation to the purposes, functions or activities for which they are processed.
1.2. Scius will only collect personal information by lawful and fair means and in a way which is not unreasonably intrusive.
1.3. When personal information is collected from an individual (or, if that is not practicable, as soon as practicable after) Scius will take reasonable steps to ensure that the individual is aware of:
(a) Scius' identity and how to contact it;
(b) the fact that they are able to gain access to the information;
(c) the purposes for which the information is collected;
(d) the types of entities to which Scius usually discloses information of that kind;
(e) any law that requires the particular information to be collected; and
(f) the main consequences (if any) for the individual if all or part of the information is not provided.
1.4. Where reasonable and practicable to do so, Scius will collect personal information about an individual from that individual.
1.5. If Scius collects personal information about an individual from someone other than the individual, it will take reasonable steps to ensure that the individual is made aware of the matters listed in subclause 1.3 except to the extent that making the individual aware of the matters would pose a serious threat to the life or health of any individual.
2. USE AND DISCLOSURE
2.1. In general, Scius uses personal information for the following purposes:
(a) For administering the ‘Iron Therapy Today’ education program
(b) To meet the reporting obligations associated with running accredited continuing education activities. This may include sharing your information with the professional bodies such as the Royal Australian College of General Practitioners and the Australian College of Rural and Remote Medicine.
Scius may disclose information for the purposes for which it was collected, and also:
(a) to Sponsor (who will use it as described above);
(b) to health professional bodies such as the Royal Australian College of General Practitioners, the Australian College of Rural and Remote Medicine, and the Pharmaceutical Society of Australia; as permitted by law, and
(c) with your consent.
2.2. Scius will only use or disclose personal information for a purpose (the secondary purpose) other than the primary purpose of collection if:
(a) the secondary purpose is related to the primary purpose of collection and, the individual would reasonably expect the information to be used or disclosed for the secondary purpose; or
(b) the individual has consented to the use or disclosure; or
(c) the information is not sensitive information and the use of the information is for the secondary purpose of direct marketing where:
i. it is impracticable for Scius to seek the individual's consent before that particular use;
ii. the individual having been offered the opportunity of declining to receive direct marketing communication at no charge has not declined;
iii. the individual has not made a request to Scius not to receive direct marketing communications;
iv. in each direct marketing communication with the individual, Scius draws to the individual's attention, or prominently displays a notice, that they may decline to receive any further direct marketing communications; and
v. each written direct marketing communication by Scius with the individual sets out Scius' contact details; or
(d) the information is health information and the use or disclosure is necessary for research, or the compilation or analysis of statistics, relevant to public health or public safety where:
i. it is impracticable for Scius to seek the individual's consent before the use or disclosure;
ii. the use or disclosure is conducted in accordance with guidelines approved by the Privacy Commissioner under section 95A of the Privacy Act 1988 (Cth) (the “Privacy Act”); and
iii. in the case of disclosure Scius reasonably believes that the recipient of the health information will not disclose the health information, or personal information derived from the health information; or
(e) Scius reasonably believes that the use or disclosure is necessary to lessen or prevent:
i. a serious and imminent threat to an individual's life, health or safety; or
ii. a serious threat to public health or public safety; or
(f) Scius has reason to suspect that unlawful activity has been, is being or may be engaged in, and uses or discloses the personal information as a necessary part of its investigation of the matter or in reporting its concerns to relevant persons or authorities; or
(g) the use or disclosure is required or authorised by or under law; or
(h ) Scius reasonably believes that the use or disclosure is reasonably necessary for one or more of the following by or on behalf of an enforcement body:
i. the prevention, detection, investigation, prosecution or punishment of criminal offences, breaches of a law imposing a penalty or sanction or breaches of a prescribed law;
ii. the enforcement of laws relating to the confiscation of the proceeds of crime;
iii. the protection of the public revenue;
iv. the prevention, detection, investigation or remedying of seriously improper conduct or prescribed conduct;
v. the preparation for, or conduct of, proceedings before any court or tribunal, or implementation of the orders of a court or tribunal.
2.3. If Scius uses or discloses personal information under paragraph 2.1(h ), it must make a written note of the use or disclosure.
2.4. Despite subclause 2.1, Scius may disclose health information about an individual to a person who is responsible for the individual if:
(a) the individual:
i. is physically or legally incapable of giving consent to the disclosure; or
ii. physically cannot communicate consent to the disclosure;
(b) Scius is satisfied that either:
i. the disclosure is necessary to provide appropriate care or treatment of the individual; or
ii. the disclosure is made for compassionate reasons; and
(c) the disclosure is not contrary to any wish:
i. expressed by the individual before the individual became unable to give or communicate consent; and
ii. of which the carer is aware, or of which the carer could reasonably be expected to be aware; and
(d) the disclosure is limited to the extent reasonable and necessary for a purpose mentioned in paragraph (b).
3. DATA QUALITY
Scius will take reasonable steps to ensure that the personal information it collects, uses or discloses is accurate, complete and up-to-date.
4. DATA SECURITY
4.1. Scius will take reasonable steps to protect the personal information it holds from misuse and loss and from unauthorised access, modification or disclosure.
4.2. Scius will take reasonable steps to destroy or permanently de-identify personal information if it is no longer needed.
5. OPENNESS
5.1. On request, Scius will take reasonable steps to let a person know, generally, what sort of personal information it holds, for what purposes, and how it collects, holds, uses and discloses that information about that person.
6. ACCESS AND CORRECTION
6.1. Scius will provide an individual with access to the information on request by the individual, except to the extent that:
(a) in the case of personal information other than health information providing access would pose a serious and imminent threat to the life or health of any individual;
(b) in the case of health information providing access would pose a serious threat to the life or health of any individual;
(c) providing access would have an unreasonable impact upon the privacy of other individuals;
(d) the request for access is frivolous or vexatious;
(e) the information relates to existing or anticipated legal proceedings between Scius and the individual, and the information would not be accessible by the process of discovery in those proceedings;
(f) providing access would reveal the intentions of Scius in relation to negotiations with the individual in such a way as to prejudice those negotiations;
(g) providing access would be unlawful;
(h ) denying access is required or authorised by or under law;
(i) providing access would be likely to prejudice an investigation of possible unlawful activity; or
(j) providing access would be likely to prejudice:
i. the prevention, detection, investigation, prosecution or punishment of criminal offences, breaches of a law imposing a penalty sanction or breaches of a prescribed law;
ii. the enforcement of laws relating to the confiscation of the proceeds of crime;
iii. the protection of the public revenue;
iv. the prevention, detection, investigation or remedying of seriously improper conduct or prescribed conduct;
v. the preparation for, or conduct of, proceedings before any court or tribunal, or implementation of its orders; by or on behalf of an enforcement body; or
(k) an enforcement body performing a lawful security function asks Scius not to provide access to the information.
6.2. However, where providing access would reveal evaluative information generated within Scius in connection with a commercially sensitive decision making process, Scius may give the individual an explanation for the commercially sensitive decision rather than direct access to the information.
6.3. If Scius is not required to provide the individual with access to the information because of one or more of paragraphs 6.1(a) to (k) (inclusive), Scius will, if reasonable, consider whether the use of mutually agreed intermediaries would allow sufficient access to meet the needs of both parties.
6.4. Scius may charge a fee reasonable for providing access to personal information (but not for lodging a request for access).
6.5. If Scius holds personal information about an individual and the individual is able to establish that the information is not accurate, complete and up to date, Scius will take reasonable steps to correct the information so that it is accurate, complete and up to date.
6.6. If the individual and Scius disagree about whether the information is accurate, complete and up to date, and the individual asks Scius to include with the information a statement claiming that the information is not accurate, complete or up to date, Scius will take reasonable steps to do so.
6.7. Scius will provide reasons for denial of access or a refusal to correct personal information.
7. IDENTIFIERS
7.1. Scius will not adopt an identifier of an individual that has been assigned by:
(a) an agency;
(b) an agent of an agency acting in its capacity as agent;
(c) a contracted service provider for a Commonwealth contract acting in its capacity as contracted service provider for that contract, unless:
(d) the use or disclosure is necessary for Scius to fulfil its obligations to the agency; or
(e) one or more of paragraphs 2.1(e) to 2.1(h ) (inclusive) apply to the use or disclosure; or
(f) the use or disclosure is by a prescribed organisation of a prescribed identifier in prescribed circumstances.
7.2. However, subclause 7.1 does not apply to the adoption by a prescribed organisation of a prescribed identifier in prescribed circumstances.
7.3. In this clause: identifier includes a number assigned by Scius to an individual to identify uniquely the individual for the purposes of Scius' operations. However, an individual's name or ABN (as defined in the A New Tax System (Australian Business Number) Act 1999 (Cth)) is not an identifier.
8. ANONYMITY
Wherever it is lawful and practicable, individuals will have the option of not identifying themselves when entering into transactions with Scius.
9. TRANSBORDER DATA FLOWS
Scius will only transfer personal information about an individual to someone (other than Scius or the individual) who is in a foreign country if:
(a) Scius reasonably believes that the recipient of the information is subject to a law, binding scheme or contract which effectively upholds principles for fair handling of the information that are substantially similar to the National Privacy Principles under the Privacy Act; or
(b) the individual consents to the transfer; or
(c) the transfer is necessary for the performance of a contract between the individual and Scius, or for the implementation of pre-contractual measures taken in response to the individual's request; or
(d) the transfer is necessary for the conclusion or performance of a contract concluded in the interest of the individual between Scius and a third party; or
(e) all of the following apply:
i. the transfer is for the benefit of the individual;
ii. it is impracticable to obtain the consent of the individual to that transfer;
iii. if it were practicable to obtain such consent, the individual would be likely to give it; or
(f) Scius has taken reasonable steps to ensure that the information which it has transferred will not be held, used or disclosed by the recipient of the information inconsistently with the National Privacy Principles.
10. SENSITIVE INFORMATION
10.1. Scius will not collect sensitive information about an individual unless:
(a) the individual has consented;
(b) the collection is required by law;
(c) the collection is necessary to prevent or lessen a serious and imminent threat to the life or health of any individual, where the individual whom the information concerns:
i. is physically or legally incapable of giving consent to the collection; or
ii. physically cannot communicate consent to the collection; or
(d) the collection is necessary for the establishment, exercise or defence of a legal or equitable claim.
10.2. Despite subclause 10.1, Scius may collect health information about an individual if:
(a) the information is necessary to provide a health service to the individual; and
(b) the information is collected:
i. as required by law (other than the Privacy Act); or
ii. in accordance with rules established by competent health or medical bodies that deal with obligations of professional confidentiality which bind Scius.
10.3. Despite subclause 10.1, Scius may collect health information about an individual if:
(a) the collection is necessary for any of the following purposes:
i. research relevant to public health or public safety;
ii. the compilation or analysis of statistics relevant to public health or public safety;
iii. the management, funding or monitoring of a health service;
(b) that purpose cannot be served by the collection of information that does not identify the individual or from which the individual's identity cannot reasonably be ascertained;
(c) it is impracticable for Scius to seek the individual's consent to the collection; and
(d) the information is collected:
i. as required by law (other than the Privacy Act);
ii. in accordance with rules established by competent health or medical bodies that deal with obligations of professional confidentiality which bind Scius; or
iii. in accordance with guidelines approved by the Privacy Commissioner under section 95A of the Privacy Act for the purposes of this subparagraph.
10.4. if Scius collects health information about an individual in accordance with subclause 10.3, it will take reasonable steps to permanently de-identify the information before it discloses it.
11. REQUESTS FOR AND ACCESS TO PERSONAL INFORMATION
11.1. Scius will provide an individual with access to personal information which is held about them. The nature and timing of access will be agreed between Scius and the individual.
11.2. A request for access to personal information must be in writing, specify the information sought and may be made to an individual's usual contact at Scius or the Privacy Officer. Adequate identification by or authority from an individual must be supplied to Scius before any personal information will be provided.
11.3. Access to personal information will be provided within 10 business days of receiving a request. If this cannot be complied with, Scius will advise within that period when access will be provided.
11.4. Scius may charge a reasonable fee for providing access to personal information.
11.5. Any concerns or difficulties regarding a request for personal information should be referred to the Privacy Officer.
12. COMPLAINTS
12.1. Any complaint by an individual regarding Scius' management or handling of personal information should be directed to Scius. Contact details are set out at the commencement of this Policy.
12.2. To enable a complaint to be properly understood and acted upon it is requested that it be made in writing, specifying the personal information involved and the contact or process at Scius the subject of the complaint.
12.3. All complaints will be acknowledged within 3 business days of receipt. Contact details of the person in Scius dealing with the complaint and the Privacy Officer will also be advised to the individual making the complaint at this time
12.4. Complaints will be responded to within 15 business days. If this is not possible the individual will be advised as to when Scius expects to be able to respond.
12.5. If response does not resolve the complaint Scius and the individual will in good faith promptly agree a process and time frame for dealing with the complaint.