ż

Introduction

This Policy details the Royal Australian and New Zealand College of Obstetricians and Gynecologists’ (RANZCOG; the College) Privacy Policy and related information handling practices and gives guidelines for access to any personal information retained by the College, particularly in relation to its members.  This includes information collected in relation to the żwebsite and platforms.

żis committed to ensuring the privacy of individuals, in accordance with applicable privacy principles, such as the Australian Privacy Principles set out in the Australian Privacy Act 1988 and the Information Privacy Principles contained in the New Zealand Privacy Act 2020, and the EU General Data Protection Regulation.

The Freedom of Information Act 1982 (FOI Act) applies to Australian government departments and agencies or State public sector agencies. As żis a company limited by guarantee, the FOI Act does not apply. The Official Information Act (OIA) applies to New Zealand government agencies.  As żis registered with the New Zealand Companies Office as an Overseas ASIC Company, the OIA does not apply.

When information is collected directly from individuals, żmay provide further relevant privacy information to the individual at the point of collection, in which case, such information should be read in conjunction with this Policy.

This Policy encompasses requests for personal information that are explicitly considered in College privacy statements and consent to release forms, as well as other personal information.

This Policy is also subject to the terms of other College policies that explicitly deal with the use of personal information by the College in particular circumstances, and in the event of conflict, the terms of those other policies will apply. (For example, the College has an explicit policy on the recording of some assessments and examinations.)

1. Why do we collect personal information?

żroutinely collects personal information about individuals and those persons who use, access, provide or participate in the College’s services, events and activities.

The collection of this information enables the College to effectively carry out its principal roles as a provider of medical training, a membership organisation and an employer.  It also allows the provision of College services such as training and Continuing Professional Development (CPD), enables the College to procure goods and services from suppliers and generally interact with third parties, allows the College to contact individuals and others, and ensures access to member only services on the żwebsite.

2. What personal information do we collect?

żmay collect personal, health and sensitive information about members, trainees, prospective trainees, Specialist International Medical Graduates (SIMGs), applicants for registration, suppliers, conference delegates, College Staff and other individuals who interact with the College.

The information żcollects about individuals includes name, address, contact details, training records, financial records and other information relevant to their relationship to żfunctions and activities. żmay also collect information indirectly through such means as assessments, verifications of completion of training, confirmation of education requirements and similar.

Except where it is unreasonable or impracticable to do so or where it occurs with an individual’s permission, żwill collect this information only from the individual concerned. In addition, unless permitted or required to do so by law, żwill not collect sensitive information about an individual without their consent.

The full details of personal information that the College collects can be found in the questions the College asks, and in the forms individuals complete when dealing with the College, its agents and contractors.

A żemployee will be designated as the College’s Privacy Officer. żwill ensure that this person has received appropriate training in privacy legislation and can act as the primary College source of information regarding privacy matters.

3. How is personal information collected?

Ordinarily, personal information will be collected from an individual directly, either in person, by telephone, in writing or via the internet.

However, in some situations the College may need to collect personal information about an individual from a third party such as:

the College’s consultants, auditors, lawyers, contractors and contracted staff or service providers that provide goods or administrative or other services in connection with the activities of the College;

entities and institutions who provide services or undertake activities in conjunction with, or in association with, the College;

regulatory authorities and bodies, professional or specialist societies and associations, hospitals and health centres and relevant complaints tribunals and government departments and agencies; and

an individual’s agent (with an individual’s authority).

If the College needs to collect personal information about you from a third party not mentioned in this Policy, then the College will first endeavour to obtain your consent. If that is not practicable then the College will only obtain personal information from a third party if it is necessary for us to perform our functions or comply with applicable laws. In any event, the College will inform you about such third-party personal information and only use that information in accordance with this Policy.

Where the College receives personal information about you, which was not solicited, then that information will be dealt with in accordance with this Policy and applicable Privacy Principles.

The main points at which personal information is collected include, but are not limited to:

On joining żas a trainee or member.

On applying for specialist assessment and/or assessment for an Area of Need position or specialist-in-training purposes.

On applying to and joining żas an employee or non-Fżmember of the Board or other żgoverning body or entity.

On registering for żevents such as a scientific meeting, conferences and webinars.

On visiting RANZCOG’s website.

4. How is personal information used?

żwill only collect information needed for a particular function or activity.  The information collected will depend on the individual’s relationship with the College.  żwill use personal information to carry out its functions and activities. 

Functions and activities of the College include, but are not limited to:

providing membership services and benefits and maintaining associated records;

assisting, supporting, providing and improving CPD, education and training;

enabling planning, policy and service development and marketing, advertising or otherwise promoting the College;

monitoring, dealing with, reporting and investigating potential misconduct;

providing workplace and training environments that are free from discrimination, bullying and sexual harassment;

effectively operating a complaints resolution process;

providing assessment processes for SIMGs;

appropriately interacting with government and regulatory bodies relating to the profession;

implementing, monitoring and maintaining quality assurance processes and systems, as well as processes and systems concerning regulatory matters, registrations, accreditation, audits, risk and claims management (including dealings with insurers);

procuring funding, donations or other support for the activities of the College;

enabling internal administration, training, assessments, reviews of any processes, and Appeals Procedures;

providing or undertaking any of the other activities referred to in this Policy; and

conducting or facilitating research or surveys for purposes related to the College and/or one or more of the above activities.

Information may also be used for secondary purposes which directly relate to the primary purpose of collection or any other purpose which is authorised by the individual, or which is required or authorised by law. 

żmay also make ancillary use of your personal information for purposes other than those described above where an individual would reasonably expect the College to use such information.

5. How is personal information disclosed?

żwill share personal information amongst its staff, officers, committees and bodies where appropriate to better achieve the College’s primary, secondary or ancillary purpose.

From time to time, żmay disclose your personal information to certain third parties. If the College does this, it will require the third party to protect your personal information in the same way and to the same standards as the College.

The types of third parties to whom your personal information may be disclosed includes, but is not limited to:

providers of goods and services to the College;

entities and institutions who provide services or undertake activities in conjunction with or in association with the College;

regulatory authorities and bodies, professional or specialist societies and associations, hospitals and health centres, relevant complaints tribunals, and government departments and agencies;

where the College collects an individual’s information from someone else, or another entity, to that person or entity;

where the law requires or permits the College to do so;

an individual’s agent (with an individual’s authority); and

to assist with mail-outs to members, trainees or SIMGs.

Information supplied in such circumstances is disclosed to suppliers for the contracted purpose. Failure by the third party to act in accordance with this policy and other contractual and legal obligations may result in termination of the relationship with RANZCOG. żtakes no responsibility or incurs any liability for the errors or omissions of third parties.

All specific requests for information from a third party will be documented.

5.1 Overseas disclosures

In certain situations, żmay disclose your personal information to organisations based overseas, countries include:

Australia (if an individual is based in New Zealand).

New Zealand (if an individual is based in Australia); or

any other country in which the College’s members may be located.

żwill take reasonable steps to ensure that receipting organisations will abide by Australian or New Zealand privacy laws, as applicable, when dealing with personal information.

5.2 The College website and publications

The software used by żin connection with the żwebsite and web-based services may record (amongst other things):

unique visitors and sessions;

requested pages, downloads, search terms used, posted forms, status and errors, hits and bytes downloaded per directory, file, and file type;

entrance pages, exit pages, click paths, click to and click from and length of session;

domains, countries and IP addresses; and

browsers, platforms and bots.

The statistics are de-identified at the time of recording. This information is used for administrative purposes, including to improve and assess services, and to monitor usage and patterns to improve navigation and design features. – helping users to get information more easily.

żsites use cookies to manage login and logout.

The College’s Privacy Policy is displayed on the żwebsite.

żmay use sound and image recordings (including photographs) in the production of educational and promotional material for żpurposes. Such material may be published, either in electronic media (including our website) or in hard copy publications. żofficers may also take image recordings of attendees at RANCOG events, which may be published on the żwebsite or other media with your consent (express or implied).

5.3 Direct marketing

żmay use or disclose personal information for the purposes of direct marketing from the College or its stakeholders unless an individual has expressly requested otherwise.

Personal information will only be disclosed to third parties for the purpose of direct marketing where the College believes that such marketing materials will or may be of interest to people like the individual recipient.

In the ordinary course, broadcast emails will be sent as ‘blind copies’, i.e. with undisclosed recipients.  

An individual may request to be excluded from such direct marketing by contacting the Privacy Officer.

6. Special uses and disclosures

This clause sets out additional provisions relating to special purposes for which your personal information may be collected, used or disclosed by RANZCOG. It is in addition to all other provisions in the Policy.

6.1 College members and trainees generally

Without limiting the scope as defined through other sections of this Policy, personal information about żmembers and trainees is used to conduct College business, including for the purpose of training and assessment and for CPD.  Information may, without limitation, be disclosed to College Staff, College Board, committees and bodies, external suppliers, and societies and associations of which the individual is a member. 

CPD program participation information may be disclosed to hospitals, day surgery units, statutory bodies and the general public upon enquiry.

6.2 Specialist Assessment

żis involved in the assessment of specialist international medical graduates’ medical training, qualifications and experience, and therefore provides its decisions and recommendations arising from these assessments to the Australian Medical Council, the Medical Board of Australia and/or Medical Council of New Zealand.

Without limiting the scope of the authorised uses, żmay need to clarify information provided to it for this purpose with external institutions or individuals and gather additional information in order to complete the assessment. żmay also disclose personal information where required to do so by law.

6.3 Public enquiries regarding a Fellow or trainee

Generally, apart from confirming status and speciality of a Fellow or trainee no personal information will be disclosed to a member of the public without written consent except as required by law.  Members of the public include spouses, family members and colleagues.

It is important that the recipient of this information is aware that it is a confirmation of the status of a Fellow and not an endorsement. 

Unless otherwise agreed, the College will not publicly publish names of Trainees who have successfully completed an examination or components of their training. Trainees will be identified by a number or some other anonymous medium. Other requests regarding Fellows or Trainees will be considered on their individual merit.

6.4 Information requests from members and trainees regarding other members and trainees

Requests for the names, practice addresses (and practice / business email addresses) of members may be provided.  żcan also confirm that a person is a member or a trainee of the College.  Any other information about a Fellow or trainee will not be provided without their permission (unless required or authorised by law).

In response to a request for information the College may pursue one of two options (although it is not obliged to do so):

The College may elect to contact the member or trainee and advise them that information is being requested about them and seek their express consent to release it; or

The College may elect to obtain the contact details of the requester and provide this to the member or trainee, allowing them to contact the requester directly.

6.5 Medico-legal Register and requests for clinical reviews

The College may respond to enquiries from members of the public, legal firms, health services, statutory bodies or similar requesting the name of a member in a particular region or area of practice who is registered on the College Expert Witness Register or otherwise considered appropriate to assist with a clinical practice or other review.

6.6 Board, Council and committee elections

College elections are held at various times for specific elected positions on various committees, as well as the żBoard and the żCouncil. Requests by members and trainees for the names and contact details of other members and trainees for the purpose of electioneering for College-run elections will not be granted.

6.7 Providing information to College Board, committees and bodies

Records indicating examination performance, work performance and other information on individual trainees and/or members will be available to the College Board, committees and bodies, and supervisors of trainees, where such information is required for review of an individual’s performance in their work environment, in an examination or other assessment, in the CPD Program or for other authorised College purposes. Subject to this Policy and other College documents, this information will be treated in confidence by the College Board, committees and bodies, and supervisors of trainees and will not be made public in any way that will enable the identification of individual trainee(s), and where any doubt as to the determination of this exists, the College Privacy Officer must be consulted in order for a determination to be made.

Trainee details and information about trainee performance may also be provided to the trainee’s employer, Medical Registration Board and/or Australian Medical Council and/or Medical Council of New Zealand.

6.8 Information requests by College Staff members regarding other College Staff members

Personal contact information of each College Staff member is retained in College files for use as required by the People and Wellbeing department or in the case of an emergency. Requests for the contact details of College Staff members by other College Staff members will be considered on a case-by-case basis by the Head of People and Wellbeing.

6.9 Overseas recipients

żis a corporate entity which is registered and operates in both Australia and New Zealand. As of necessity, personal information may be collected, used and disclosed between those countries in respect of members, trainees and applicants for assessment of international qualifications.

Personal information may also be disclosed to recipients in overseas countries, in appropriate circumstances, especially in relation to the assessment of an international medical graduate’s training, qualifications and experience or those undertaking a period for training overseas. Should this be necessary, the individual will be asked to complete a form consenting to żdisclosing information to the overseas recipient, and to the overseas recipient providing the requested personal information to RANZCOG.

7. How is personal information kept?

The College undertakes to protect personal information from unauthorised use, access, disclosure and alteration. Staff must comply with the handling of personal information as per this policy. IT security systems and internal procedures are also utilised to protect the personal information held by the College.  

Consistent with contemporary business practices, the College contracts its infrastructure hosting to resilient and reliable outsourced data centres. The data centres are usually located in Australia or New Zealand. However, the nature of cloud computing means that occasionally data may be stored on servers in other jurisdictions. In the rare occasions where data is stored in other jurisdictions, the College aims to ensure that the service provider has adequate security and complies with all relevant Australian and New Zealand Privacy legislation.

Wherever practicable the College will hold all personal information in electronic form. In the case that personal information is retained in hard copy, these documents will be securely stored.

8. Accessing personal information

An individual may contact the Privacy Officer at any time to access their personal information held by the College unless the personal information is expressly to remain confidential as stated in other College Regulation or policy. They will be required to provide their request in the form available at . The request will be addressed in accordance with privacy legislation. Access will not be provided where the request does not relate to personal information or where the applicable privacy laws permit or require the College to decline that access.  As permitted by law, a fee may be requested to cover the cost of access. 

All of the identified information that the College has used to grant member access can be viewed by members via the members’ portal on Integrate ().

9. Correction of personal information

żseeks to maintain the accuracy of personal information. Individuals are encouraged to contact the College if the information held is incorrect or to notify the College if personal information has changed (reference should also be made to any additional privacy policies or collection statements).  This should be directed to the appropriate person who routinely manages that data, and who may be contacted on +61 3 9417 1699 or at privacy@ranzcog.edu.au. Changes to personal details can also be made on the żwebsite via the members’ portal on Integrate (). 

10. Anonymity

An individual may elect not to identify, or to ask żto not use or disclose, the individual or their personal information. However, doing so may limit the services the College can reasonably provide to the individual.

For example, żcannot practically provide membership services to a person who wishes to be a member of the College but who does not provide their personal information or who does not consent to their personal information being used or disclosed.

11. Sensitive information

żmay collect sensitive information from time to time in accordance with applicable laws.

‘Sensitive information’ means information about an individual’s attributes, such as racial or ethnic origin, political opinions, membership of a political, professional or trade association, philosophical beliefs or affiliations, membership of a trade union, sexual preferences or practices, or criminal record.

Wherever practicable the College will hold all sensitive information in electronic form.  In the case that sensitive information is retained in hard copy, these documents will be securely stored.

12. Concerns

Any inquiries or concerns about the College’s handling of personal information should be directed to the Privacy Officer on +61 3 9417 1699 or at privacy@ranzcog.edu.au .  Concerns may be required to be formally made in writing.

Concerns will be resolved in a timely manner by reference to this Policy and applicable laws. The person raising the concern will be notified of the College’s response to the concerns, including any remedial action żwill take to resolve the concern, in writing.

The websites of the Office of the Australian Information Commissioner and the Office of the New Zealand Privacy Commissioner are an additional source of information – and .

13. Amendments to this policy

The College may modify or amend this Policy at any time provided the Policy still complies with applicable laws. Formal notice of amendments to this Policy will not ordinarily be given, but the current version of this Policy will be available via the żwebsite.

14. Related documents

Confidentiality Agreement