Privacy at The University of Western Australia
The University of Western Australia holds the privacy of its students, staff, and community members in the highest regard. UWA is committed to managing personal information legally and responsibly.
The University has obligations regarding the collection, use and management of personal and health information under various pieces of legislation.
The University must comply with the Australian Privacy Principles, contained within the Privacy Act 1988 (Commonwealth), in relation to students’ personal information obtained for the purposes of chapter 3 and 4 of the Higher Education Support Act 2003 (Commonwealth). The University has further obligations in relation to the personal data it collects and manages under the Health Services Act 2016 (WA) and the Freedom of Information Act 1992 (WA).
The University is also considered in limited circumstances to be a data controller for the purposes of the European Union General Data Protection Regulation 2016/679 (GDPR) in relation to the collection of personal information from individuals located in the European Union (EU).
The University is not subject to the Privacy Act 1988 (Commonwealth), except as specified above. However, the Government of Western Australia is proposing a Privacy and Responsible Information Sharing Act (PRIS). The University fully supports this upcoming legislation and actively works with the Government to ensure its successful implementation. Additionally, the University has mapped its values that align with the principles of PRIS, which can be accessed through provided link here PRIS Values [DOC 140KB] .
Until the Privacy and Responsible Information Sharing Act (PRIS) is enacted, the University remains committed to adhering to the Australian Privacy Principles for all personal information it collects and manages.
The University has enacted its Information Privacy policy. This policy applies to all areas of the University. Anyone interacting with the University can expect that their personal information will be handled in accordance with this policy.
The University’s Information Privacy policy can be accessed through the Information Privacy Policy [DOC 217 kb], and is accompanied by the Information Privacy Guideline [DOC 388 kb], along with links to other supporting material.
In addition to the policy UWA Staff and Students should also read the information specific to them, as found in the University Privacy Collection Notices.
The University has distilled and summarised its commitment to information privacy through the UWA Information Privacy Tenets.
1. NOTICE | Inform individuals what personal information you are collecting and why |
2. PURPOSE | Collect only what personal information is legitimately needed for the purpose |
3. SECURITY | Protect personal information by using adequate security |
4. SHARING | Do not disclose personal information unless you are confident it is directly connected with its purpose |
5. RELEVANCY | Ensure personal information remains relevant, by allowing individuals to review and correct their data |
6. ACCOUNTABILITY | Handling personal information is your responsibility |
7. TRANSPARENCY | Be open and vigilant, and report concerns or potential improvements |
The University’s Privacy Office, which is operated out of the Governance Directorate as a part of the University’s Information Governance team.
The Privacy Office is responsible for;
- University’s information Privacy policy and policy guideline
- Guidance and advice on privacy obligations and responsibilities
- Training and awareness for University staff of the management of personal information
- Facilitating Privacy Impact Assessments with UWA stakeholders and experts, and the wider community
- managing enquiries, concerns or complaints about the University’s collection and management of personal information
- managing requests for access to, or correction of personal information, and rights afforded under the GDPR; and
- assessing suspected data breaches (in collaboration with UWA’s Cyber security team and other business teams)
You may contact the UWA Privacy Office at [email protected] with full details in any of the below situations, or initially you may call ext. 1706 (+61 8 6488 1706) from 9am to 3pm Monday to Friday for an informal discussion;
- You wish to request access to, or correction of personal information held by UWA about you and if you have been unable to do this as a student through Student Central.
- You wish to request access to, or correction of personal information held by UWA about you, and if you been unable to do this as a Staff member through your HR Business Partner.
- You wish to invoke a right conferred by the General Data Protection Regulation (GDPR)
- You believe that there has been a breach of the Information Privacy policy by the University, or a member of its staff in the collection, handling or disclosure of your or another person or persons’ Personal Information
- You believe there has been a data breach involving Personal Information.
The Privacy Office is made up of the following staff;
- Privacy Champion – the Senior Deputy Vice Chancellor
- Privacy Officer – Manager, Information Governance
- Privacy Coordinators – Information Governance Specialists
These staff are supported by expert advice and services from UWA Legal Services, Risk Assurance team and Uni-IT’s Cyber Security Team.
If you have any questions please refer to our Frequently Asked Questions page, or for further enquiries contact [email protected].