Privacy Policy

Protecting your privacy is important to us. Baker IDI will handle your information in accordance with the Privacy Act 1988 (Cth) and its Privacy Policy which is available to read below, for download here, or on request by contacting privacy@bakeridi.edu. au or by calling 1800 099 880 (toll-free). The Privacy Policy also explains how you can access and correct your personal information, or make a complaint about a breach of the Australian Privacy Principles.

PRIVACY POLICY

This Privacy Policy applies to personal information collected by Baker IDI Heart and Diabetes Institute.

In this Privacy Policy, the expressions "Baker IDI", "we", "us", "our" are references to Baker IDI Heart and Diabetes Institute (ABN 98 131 762 948).

Baker IDI is a not for profit medical research organisation. It is Australia's first-multidisciplinary organisation tackling obesity, diabetes, and cardiovascular disease through research, education and patient care. The breadth of our programs requires significant resources and we are extremely grateful for support we receive from individual members of the community as well as philanthropic trusts and foundations, industry and government.

Baker IDI is committed to ensuring the privacy and confidentiality of your personal information. Baker IDI will endeavour to handle your personal information in accordance with the Commonwealth Privacy Act (including the Australian Privacy Principles) and other relevant state and territory laws.

This Privacy Policy explains in general terms how Baker IDI protects the privacy of the personal information that you provide to us (including via our website or social media) and to personal information that we collect about you under any other agreement or arrangement.

This Privacy Policy does not apply to Baker IDI employee records.

GENERAL TERMS

WHAT IS PERSONAL INFORMATION  
TYPES OF PERSONAL INFORMATION THAT WE MAY COLLECT  
HOW BAKER IDI COLLECTS AND HANDLES YOUR PERSONAL INFORMATION 
Collection  
Use and Disclosure 
Transfer to your personal information overseas
Consent to transfer overseas
Opt-out
BAKER IDI SPECIALIST CLINIC
PARTICIPATION IN RESEARCH AND CLINICAL TRIALS AT BAKER IDI
SECURITY OF YOUR PERSONAL INFORMATION
ANONYMITY AND PSEUDONYMITY
GAINING ACCESS TO INFORMATION WE HOLD ABOUT YOU 
KEEPING YOUR PERSONAL INFORMATION UP-TO-DATE 
OUR WEBSITE
CHANGES TO BAKER IDI PRIVACY POLICY 
ADDRESSING YOUR CONCERNS 


WHAT IS PERSONAL INFORMATION

Personal information is information or an opinion about an identified individual, or an individual who is reasonably identifiable:

• whether or not the information or opinion is true or not; and

• whether the information or opinion is recorded in a material form or not.

Sensitive information, a subset of personal information, includes information or opinion about an individual's racial or ethnic origin, political opinions, membership of a political organisation, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, health information and genetic information.

Back to top


TYPES OF PERSONAL INFORMATION WE MAY COLLECT

The kinds of personal information we collect about you may include your name, date of birth, address, gender, contact information, employment details, research areas of interest, goods and services you have obtained from us, event attendance and payment (including bank account, credit card and invoice) details.

We collect personal information from people who are connected to our operations and activities, including advisory committee members, research study and clinical trial participants, volunteers, suppliers and service providers.

We collect personal information from our donors and supporters including information to process your donation and information about your donation history and activities that you have indicated you may be interested in being involved with.

We collect information from publicly available sources to enable us to make personalised and tailored approaches to individuals and organisations relating to possible partnership opportunities.

We may also collect personal information including work experience and references in connection with the processing of scholarships, awards and courses or when we are canvassing for the recruitment of staff, students and volunteers.

Sometimes we might ask you for sensitive information in order to carry out the services we provide to you. For example, we may collect health information if you are participating in a health program or research study. We may collect racial or ethnic information as part of our mission to reduce death, disability and illness caused by non-communicable and communicable disease amongst Aboriginal and Torres Strait Islander peoples. Sometimes we collect photos or stories about you if you have gone to one of our events, or have visited our "share your story" link on our website and shared your experience or the experience of someone you know with heart disease, diabetes or a related condition. However, we do not collect sensitive information from you without your consent.

We will only collect personal information where reasonably necessary to conduct our functions or activities.

Back to top


HOW BAKER IDI COLLECTS AND HANDLES YOUR PERSONAL INFORMATION

Collection

Where possible, we will collect your personal information directly from you. For example, we may collect personal information about you when we deal with you over the phone or when you have contact with us in person, by email, over the Internet or via social media, when you purchase a product, sign up for a service, enter a contest or promotion, or fill out a form or complete a survey at one of our events or that is sent to you in the mail.

Sometimes we collect personal information from third parties such as contractors (including fundraising service providers), list vendors, charitable and other like-minded organisations, health professionals, or from a publicly available source.

If we collect information about you from a third party, and it is unclear that you have consented to the disclosure of your personal information to us, we will take reasonable steps to ensure that you are aware of circumstances surrounding the collection and the purposes for which we are collecting your personal information, other persons or organisations to which we might give your personal information, the existence and content of this Privacy Policy and any other matters required by relevant privacy laws.

Back to top

Use and Disclosure

We use your personal information to enable us to send you newsletters and bulletins as well as information about products, services, research, education and fundraising events and activities. We may use your information to contact you to seek financial support for medical research conducted at Baker IDI, or to enable you to assist us with volunteering, community fundraising, advocacy and other activities where we seek the community's assistance.

We may need to disclose your personal information to others in order to:

• carry out our activities, including funders, financiers, grant and award providers, research institutions, health professionals, volunteers, agents, contractors and service providers who perform services on our behalf, such as mailing houses, printers, information technology service providers, database contractors, patent attorneys and fundraising agencies; or

• facilitate the sharing of information to charitable or like-minded organisations that may wish to contact you with information that may be of interest and third service providers who facilitate the sharing of information between such types of charitable or like-minded organisations.

Back to top

Transfer of your personal information overseas

Baker IDI may from time to time enter into contractual arrangements with third party service providers to assist Baker IDI to carry out our activities and facilitate sharing of information to charitable or like-minded organisations. As a result personal information (but not payment details) provided to Baker IDI may be
transferred to, and stored at, locations outside Australia, including but not limited to the United Kingdom, United States of America and China. These organisations may engage third party service providers also operating outside Australia.

Baker IDI acknowledges the importance of protecting personal information and will take reasonable steps to ensure that third parties, including overseas service providers, who have access to your personal information are required to protect this information in a manner that is consistent with this Privacy Policy by, for example, not using the information for any purpose other than to carry out the services they are performing for Baker IDI.

Back to top

Consent to transfer overseas

By submitting your personal information to Baker IDI, you expressly consent to disclosure, transfer, storing or processing of your personal information outside Australia, as described above. In providing your consent you understand that countries outside Australia do not always have the same level of privacy protection as in Australia.

If you do not agree to the transfer of your personal information outside Australia, please contact us at privacy@bakeridi.edu.au  or by calling 1800 099 880 (toll-free), or write to us at:

Privacy Officer
Baker IDI Heart and Diabetes Institute
75 Commercial Road
Melbourne, Victoria 3004, Australia

Back to top

Opt-out

If you have received communications from us and you no longer wish to receive those sorts of communications, please contact us at privacy@bakeridi.edu .au or by calling 1800 099 880 (toll-free), or write to us at:

Privacy Officer
Baker IDI Heart and Diabetes Institute
75 Commercial Road
Melbourne, Victoria 3004, Australia

Back to top 


BAKER IDI SPECIALIST CLINIC

As a patient at the Baker IDI Clinic, your personal information including health information will be collected. In addition to your name and address, this information may also include: 

• Your medical history including (where clinically relevant) a family medical history

• Your Medicare number and private health insurance information

• Current medications or treatments used by you

• The name of any care provider, health service provider or medical specialist to whom we refer you back or who has referred you to us, copies of any referrals and reports

• Test results and samples.

This information is used to ensure that you are given comprehensive medical treatment and quality care.

You may be referred for diagnostic tests such as pathology or radiology and our staff may consult with senior medical experts when determining your diagnosis or treatment. Our staff may also refer you to other health service providers for further treatment (for example, to a physiotherapist or outpatient or community health services).

These health professionals will share your health information as part of the process of providing your treatment. We will only do this while maintaining confidentiality of all this information and protecting your privacy in accordance with this Privacy Policy and privacy laws.

Back to top


PARTICIPATION IN RESEARCH AND CLINICAL TRIALS AT       BAKER IDI

In order to conduct research and clinical trial activities, Baker IDI may collect your personal information including health information. In addition to your name and address, this information may also include:

• Your medical history including (where clinically relevant) a family medical history

• Your Medicare number and private health insurance information

• Current medications or treatments used by you

• The name of any care provider, health service provider or medical specialist to whom we refer you back or who has referred you to us, copies of any referrals and reports

• Test results and samples.

This information is used to record your involvement in clinical trials and other research activities undertaken by Baker IDI, to process the results of research and clinical trials and to contact you regarding participation in future studies.

From time to time we may collate statistical data from the information we have collected. In these cases, the data will be de-identified and aggregated before it is disclosed to third parties.

All research and clinical trials undertaken at Baker IDI are approved by the Alfred Human Research Ethics Committee, the Bellbery Human Research Ethics Committee or the Central Australia Human Research Ethics Committee. Patients enrolled in trials or research will be given information detailing how health information will be handled by Baker IDI.

Back to top


SECURITY OF YOUR PERSONAL INFORMATION

We take all reasonable steps to ensure the security of the personal information we hold from misuse, interference and loss, and from unauthorised access, modification or disclosure. We maintain physical security over our paper and electronic data stores and premises, such as locks and security systems.

Your personal information may be stored in hardcopy documents, as electronic data, or in Baker IDI software or systems, or third party database storage or server. We maintain computer and network security; for example, we use firewalls (security measures for the Internet) and other security systems such as user identifiers and passwords to control access to our computer system. Backups of electronic information are written to drives which are stored offsite. Paper records are stored in offices which are secured to prevent entry by unauthorised people, or in locked filing cabinets in secure areas. Any personal information not actively being used is archived, usually for a period of 7 years, with a third party provider of secure archiving services.

Where personal information is stored by a third party, we have arrangements which require those third parties to maintain the security of information. We take reasonable steps to protect the privacy and security of that information, but we are not liable for any unauthorised access or use of that information.

Baker IDI uses Secure Socket Layer (SSL) certificates which is the industry standard for encrypting your credit card and debit card numbers and your name and address so that it cannot be viewed by any third party over the Internet. Your financial information is encrypted on our servers and access to this information is restricted to our authorised staff only. All third party gateway providers are PCI DSS (Payment Card Industry Data Security Standard) compliant. EFTPOS transactions are conducted in accordance with the EFT Code of Conduct.

Back to top


ANONYMITY AND PSEUDONYMITY

Where lawful and practicable, you will be given the option to deal with us without identifying yourself (eg when inquiring about the activities that Baker IDI undertakes) or using a pseudonym (eg in publications or newsletters). Individuals should be aware that contact details are required in order for Baker IDI to issue a tax deductible receipt.

While we seek to recognise the contributions of our donors and supporters in our publications, individuals wishing to remain anonymous in our publications and at other public forums should advise this in writing to the Director of Baker IDI.

Back to top


GAINING ACCESS TO INFORMATION WE HOLD ABOUT YOU

Baker IDI will, on request, provide you with information we hold about you, unless there is an exception which applies under relevant privacy laws. Access can only be denied in certain circumstances.

Unless there is an exception which applies under privacy laws we will provide you with a photocopy and/or printout of information held within 14 days. No charge will be made for this service.

If we refuse to grant you access to your personal information, we will provide you with reasons for that decision (unless it is unreasonable to do so) and the avenues available for you to complain about the refusal.

Back to top


KEEPING YOUR PERSONAL INFORMATION UP-TO-DATE

We take reasonable steps to ensure that your personal information is accurate, complete and up-to-date, relevant and not misleading having regard to the purpose for which it is held.

If you wish to update or correct the personal information we hold about you, please contact the Privacy Officer immediately and we will take reasonable steps to either correct this information or, if necessary, discuss alternative action with you.

Back to top


OUR WEBSITE

Visiting http://www.bakeridi.edu.au  generates the following statistics: 

• Your server address

• Your top level domain name (.com, .gov, .au, .uk etc)

• The pages you access and documents downloaded

• Any keywords or search words you enter

• The type of browser you are using.

These statistics are gathered so we can improve our website for future visitors. This information does not make it possible for you to be identified.

If you send us an e-mail, your e-mail address (together with any other information you send us) will only be used for the purpose for which you have provided it, except where you give consent for another purpose. This site does not provide facilities for the secure transmission of information across the Internet. Users should be aware that there are inherent risks in transmitting information across the Internet.

No "cookies" are employed on the Baker IDI website except for those generated when you use the search engine. These are destroyed at the end of your browser session. No information about you is stored at the end of your browser session. (A "cookie" is information that a web site puts on your hard disk so that it can remember something about you at a later time.)

We may create links to third party websites. Baker IDI is not responsible for the content or privacy practices employed by websites that are linked from our website.

Back to top


CHANGES TO BAKER IDI PRIVACY POLICY

This Privacy Policy was last updated in March 2014 and may be amended from time to time. You can access the most up to date copy by visiting our website.

Back to top


ADDRESSING YOUR CONCERNS

If you have a query on how your personal information is collected or used, or any other query relating to this Privacy Policy, please contact:

Privacy Officer

Baker IDI Heart and Diabetes Institute
75 Commercial Road
Melbourne, Victoria 3004, Australia
Telephone: +61 (0)3 8532 1100 Facsimile: +61 (0)3 8532 1160
Email: privacy@bakeridi.edu.au  
Toll Free: 1800 099 880

We will respond to your query or concern as soon as possible and will try to resolve any complaint within 10 working days. If this is not possible, we will contact you within that time to let you know how long we estimate it will take to resolve your concern. If you are unsatisfied with the outcome, we will advise further options including, if appropriate, review by the Office of the Australian Information Commissioner.

Back to top