Forensic Medical Consultants understands the importance of privacy and is committed to complying with the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles, which set out how private sector organisations must handle and treat "personal information" and "sensitive information".
"Personal information" means information or opinions about an individual whose identity can be apparent or can reasonably be ascertained from the information.
"Sensitive information" means personal information or an opinion about your racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a trade union, sexual preferences or practices, criminal record. It also includes your health information or genetic information.
What kinds of personal information do we collect and hold?
- name, job title, and contact details
- communications beween you and us
- financial information
What kinds of sensitive information to we collect and hold?
- educational details, employment history, skills and background checks
- information collected during interviews or other assessments
- criminal records
- health records and other health information
- personal information required to make transactions, such as bank account details
How we collect personal information
In most instances we will collect personal information directly from the person to whom the information relates, or the organisation of which that personal is an employee, director or principal. However, we may also collect personal information about individuals from the following third parties:
- our clients, particularly insurance companies and law firms
- government agencies
- law enforcement bodies
- publically available records
- public registries
- court or tribunal records
- ratings agencies
- search agencies
- regulatory and licensing bodies
- service providers
- online searches; and
- social media (such as LinkedIn and Facebook)
In the course of providing our clients with the services they have requested, and carrying out their instructions, we may be required to collect personal information about other individuals including other parties to our clients’ matters, their legal representatives and other service providers or contractors retained by them. The nature of information collected will depend upon the individual circumstances of the matter, but is likely to include name, contact details, job title, and communications with these other individuals. Depending upon the circumstances of the matter, it may also include sensitive information.
If you approach us for information (such as government departments, regulatory authorities or media) we may record your name and contact details and collect additional personal information about you to verify your identity and consider whether to provide you with the information that you have requested.
If you are a business service provider to Forensic Medical Consultants, personal information about you, including your name, company title, contact and banking details may be collected for us to contact you and to facilitate payment of any applicable service fees.
How Forensic Medical Consultants may use your personal information
Unless you provide Forensic Medical Consultants with your consent, Forensic Medical Consultants will only use the personal information collected for the primary and related purposes that Forensic Medical Consultants disclose at the time the information is collected and as set out in this Policy.
How we hold personal information
We hold personal information in hardcopy files and in electronic form and take reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access, modification or disclosure.
We store hardcopy files in locked cupboards within an access-controlled premises. Under our records managements system, access to files is appropriately limited. No unauthorised staff-member can have access to your personal information. All staff are aware of this policy. In-service training and compliance audits regarding privacy are conducted regularly. We also store hardcopy files with an offsite storage provider whose premises is monitored by CCTV and access is strictly controlled. Any hardcopy material that is not required to be stored is securely shredded onsite by authorised staff.
We store electronic records within our own secure network and through third party data storage providers. Personal information within our network is password protected and access is appropriately limited.
Our third-party data storage providers are required to protect personal information in accordance with applicable laws and take appropriate technical and organisation measures against unauthorised or unlawful use of personal information or its accidental loss, destruction or damage.
The purposes for which we collect, hold, use and disclose personal information
We collect, hold, use and disclose personal information for the purposes for which it was collected, related purposes, and other purposes including:
- providing the services that our clients have requested
- managing insurance
- conducting further searches and enquiries regarding the information you have provided to us or more generally to collect additional personal information about you or your associates for our regulatory or prudential purposes
- complying with our legal and regulatory obligations; and
- to otherwise carry out our functions as providers of expert opinion in clinical forensic medicine
Overseas disclosures of personal information
We may disclose personal information to external service providers located overseas so that they can provide us with services in connection with the operation of our business, such as data storage.
Aside from the purposes set out above, we generally do not disclose personal information to overseas recipients.
Access to your personal information
You have a right to request access to personal information that we hold about you and request its correction if it is inaccurate, out of date, incomplete, irrelevant or misleading. You may do so by contacting our Privacy Officer using the details below. We will respond to all requests for access to or correction of personal information within a reasonable period.
In some cases, in accordance with the Privacy Act, we may charge you a fee for access to personal information we hold about you or refuse to give you access to personal information we hold about you.
If you would like to complain about a breach of the Australian Privacy Principles, you may contact our Privacy Officer at the details below.
We will respond to complaints within a reasonable period (usually 30 days).
If you disagree with our decision, you may refer your complaint to the Office of the Australian Information Commissioner by visiting www.oaic.gov.au, calling 1300 363 992 or by emailing firstname.lastname@example.org.
If you would like more information about the way we manage personal information, would like to request access to or correction of personal information that we hold about you, or wish to make a complaint, please contact our Privacy Officer using one of the following methods:
PO Box: PO Box 2019, Templestowe Heights, VIC 3107; or
Telephone: (03) 9855 9699