ModMed is a company limited by guarantee whose primary role is to develop and deliver leading-edge learning solutions and resources that are evidence-based and specific to the needs of Australia’s healthcare sector. ModMed is committed to managing your personal information properly, ethically and lawfully, including (where applicable) by providing you with access to your personal information which is held by us.
• the kinds of personal information that we collect and hold;
• how and why we collect your personal information;
• how your personal information is used;
• when and with whom we share your personal information; and
• how you can access and amend your personal information.
4. Information we collect
Because of the nature of our business as an education and training provider, we collect and hold a range of personal information and other information about you. In most cases, this will include:
• your name, date of birth and gender;
• your residential and work telephone numbers;
• your residential, work and email addresses;
• your occupation;
• your academic and employment history; and
• in respect of the programs we deliver, your program progression and assessment outcomes.
This is not an exhaustive list. From time to time, we may need or request additional information about you. In some cases, we may also seek your consent to collect certain sensitive information, such as information about your health or whether you are a member of any professional association.
5. Information you give to us
We may collect your personal information and other information directly from you:
• through email;
• during face to face interviews and discussions;
• over the telephone;
• when you enquire about, or enrol in, one of our programs; or
• during the delivery of your training.
You have no obligation to provide any information to us. However, failing to do so may affect our ability to deliver our programs or to otherwise interact with you.
If you provide us with information about other individuals (for example, an emergency contact's details), we rely on you to:
• do so only with their consent;
6. Information we collect from other sources
We may also collect personal information and other information about you:
• from third parties you have authorised to disclose your information;
• from publicly available sources of information; or
• through digital communications, when you visit the ModMed websites.
If we collect your personal information from someone other than you, we will take reasonable steps to:
• make you aware that we will collect, or have collected, your personal information from another source; and
• inform you about what we will do with your personal information.
7. How we use your information
Our business is to provide you with education and training services, as well as related services and products. In order to do that effectively, we use your information for a range of different purposes, including:
• to verify your identity;
• to allow you to access and use our online systems (including the ModMed websites);
• to communicate with you;
• to provide you with the information, products and/or services that you request from us;
• to assist with the delivery of our programs;
• to administer and promote our programs;
• to personalise your experience on the ModMed websites;
• to provide support and updates;
• to monitor and assess your performance and training needs;
• to assess whether our programs are meeting your needs;
• to perform research and analysis (including whether our programs meet the needs of our students broadly);
• for the quality improvement of our existing and new products (including programs) and services;
• for our internal business purposes; and
• subject to your consent, other purposes which we will notify you of from time to time.
We do not sell your personal information to third parties.
8. Organisations we disclose to
Sometimes, we disclose your information to our related entities or individuals or organisations outside ModMed. Common situations in which we disclose your information include:
• sharing your information with training service providers who provide ModMeds training solutions;
• disclosing your information to our contractors and other service providers (for example, in connection with external clinical teaching visits, to data management contractors, and to marketing and promotional contractors);
• where we are legally authorised or required to do so (including disclosing information to courts, tribunals, dispute resolution bodies, or law enforcement and national security agencies); or
• if we believe the disclosure is necessary to lessen or prevent a serious threat to the life, health or safety of any individual, or to public health or safety.
9. Do we send your information overseas?
In some cases, we may disclose your information to organisations, such as our providers of cloud services and website hosting services. These organisations may be based, or have servers, outside Australia. We will only disclose your personal information in compliance with the Privacy Act and APPs and we will take reasonable steps to ensure that those organisations protect and keep confidential the information they receive from us.
10. Can you request to deal with us without identifying yourself?
We understand that anonymity is an important element of privacy. In most cases, we need to know who you are in order to process and/or manage your application, enquiry, training or request.
You can request to deal with us anonymously or by using a pseudonym in relation to certain matters; for example, when making a complaint, unless we need to know your identity in order to investigate the complaint (such as in relation to a particular service provided by a training service provider).
If it is practicable to deal with us anonymously or under a pseudonym, we will take reasonable steps to ensure that the information that you provide to us anonymously or under a pseudonym is not able to be linked with other information that we may have about you. If you wish to deal with us anonymously or under a pseudonym, please contact the ModMed Privacy Officer using the contact details below.
11. How to access your personal information
We will provide you with access to personal information about you which is held by us, subject to the exceptions in the Privacy Act (for example, we may refuse to give you access to your personal information if giving access would have an unreasonable impact on the privacy of other people, or if your request for access is frivolous or vexatious).
Before giving you access to any information, we will require you to verify your identity in a manner that is reasonable in the circumstances and also to specify the information you wish to access.
If we refuse to give you access to your information, we will provide you with reasons for our refusal. For example, if we are not satisfied as to the identity of the requester.
You will not be charged for lodging a request to access your personal information.
Requests for access to information should, in the first instance, be directed to ModMed reception (at firstname.lastname@example.org or by calling 08 8172 7600) who will refer the request to an appropriate person within ModMed.
12. How to update your personal information
We will take reasonable steps to ensure that personal information about you which is held by us is accurate, up to date, complete and relevant.
We encourage you to contact us as soon as possible in order to update any information we hold about you.
If we update or amend personal information about you that we previously disclosed to another entity, and you request that we notify that entity, we will take reasonable steps to give that notification.
If we refuse to update your information, we will provide you with the reasons for our refusal. If you ask us to, we will associate the relevant information with a statement that the information is inaccurate or out of date.
13. How we keep your personal information secure
ModMed uses several physical and electronic security measures to protect personal information from misuse and loss, and from unauthorised access, modification or disclosure. For example, we restrict physical access to our offices, and we use a combination of security containers, firewalls, secure databases, computer user identifiers and passwords to protect personal information held by us.
Emails you send to us are screened by our email security systems and may be viewed by authorised ModMed information technology personnel and service providers for security purposes.
All personal information collected and stored by ModMed is held for a specified period of time, prior to eventual destruction. Time requirements for retention of personal information are at times statutory in nature or, required under contract, or necessary for procedural fairness as determined by ModMed. We maintain an active Retention and Destruction schedule setting out retention times for personal and other information. ModMed regularly considers and reviews information collected to ensure that we do not collect excessive or irrelevant personal information.
Subject to applicable laws and our internal policies, we take reasonable steps to destroy or de-identify personal information about you when we no longer need it.
4. Automated Information Collection
When you visit the ModMed websites, our server makes a record of that visit and logs the following information:
• your server address;
• the top level domain name (for example .com, .gov, .au, .uk);
• the date and time of the visit to the site;
• the pages accessed and documents downloaded;
• the previous site visited; and
• the type of browser used.
The data listed above is collected to facilitate website and system administration, including:
• the prevention of security breaches; and
• the enhancement of the ModMed websites to meet users' needs.
We do not attempt to identify users or their browsing activities except in the unlikely event of a criminal investigation; for example, where a law enforcement agency has issued a warrant to inspect our server logs.
The extent and type of information we receive from users of the ModMed websites depends on what the user does when visiting the site. Most of the information we collect is statistical only and not used to identify you.
15. How you can make a privacy complaint
If you have a concern about the way in which ModMed handles your personal information and wish to make a complaint, please contact SFET's Privacy Officer (using the contact details below).
We are committed to acknowledging your complaint in a prompt manner and will give you an estimated timeframe for when we will respond to your complaint.
It is our intention to resolve your complaint to your satisfaction. However, if you do not believe that the matter has been resolved satisfactorily, you are entitled to contact the Office of the Australian Information Commissioner on 1300 363 992 (local call charges apply) or by using the other contact details on the Commissioner's website (www.oaic.gov.au). The Commissioner may investigate your complaint further.
If you wish, you can make a complaint directly to the Privacy Commissioner rather than contacting ModMed in the first place.
16. Further information
To find out more about how ModMed manages personal information, please contact us using the following details:
ModMed Privacy Officer
Telephone: 08 8172 7600
Facsimile: 08 8373 6139
For more information on the Privacy Act and the APPs, you may:
• visit the website of the Office of the Australian Information Commissioner (www.oaic.gov.au); and/or
• contact the Privacy Hotline 1300 363 992 (local call charge).
Last updated February 2017