Your privacy is important to us. This statement outlines Xigent Locums policy on how we collect personal information and how we maintain, use, store and disclose the personal information we hold and reflects our commitment to you. It applies to all operations within Xigent Medical Pty Ltd, trading as Xigent Locums (“Xigent”) in Australia including visitors to our website
Adherence to RCSA Code for Professional Conduct
As a Member of RCSA Limited we must take reasonable steps to maintain the confidentiality and privacy of information obtained in the course of our professional practice.
We must also take reasonable steps to ascertain the extent to which any information we collect may be confidential.
RCSA administers Disciplinary & Dispute Resolution Procedures which you may have access to if you consider that we have breached any professional obligations.
The Australian Privacy Principles established by the Privacy Act 1988 (C’th) as amended by the Privacy Amendment (Enhancing Privacy Protection) Act 2012apply to Xigent Medical Pty Ltd (trading as Xigent Locums)
How to contact us
If you wish to contact us about your personal information you should contact the Privacy Officer at Xigent Locums on 07 3200 0509 during normal office hours or email email@example.com any time.
We are committed to being open and transparent about how we manage personal information
Collection of Information
We will only collect information that is reasonably necessary for one or more of our tasks, functions or activities.
We do not collect personal information just because we think it could be useful at some future stage if we have no present need for it.
We do not routinely conduct criminal history checks and only do so in order to obtain relevant criminal history with regard to particular jobs you are offered or for which you are shortlisted.
We do not collect or use personal information for the purposes of unlawful discrimination.
We may decline to collect unsolicited personal information from or about you and may take such measures as we think appropriate to purge such information from our systems.
Type of Personal Information Held
Personal information that we collect and hold usually falls into the following categories:
- Candidate information submitted and obtained from the candidate and other sources in connection with applications for work;
- Information obtained from the candidate to facilitate payment for work;
- Work performance information including references and feedback;
- Information about incidents in the workplace;
- Information submitted and obtained in relation to absences from work due to leave, illness or other causes;
- Information obtained to assist in managing client and business relationships;
- And other information obtained or received by us in connection with a doctor’s possible or actual work placement
Sensitive information is a special category of personal information under the Australian Privacy Act 1988. It is information or opinions about you, such as membership of a professional associations; criminal record; health information, racial or ethnic origin, religious beliefs or affiliations, or philosophical beliefs. We will only collect Sensitive Information from you if you consent or if the collection of the information is required by or authorised by or under an Australian law. As outlined in the Australian Privacy Act, sensitive information can, in most cases, only be disclosed with your consent.
How your information will be collected
Personal information will be collected from you directly when you fill out and submit one of our application forms, together with any other information in connection with your application for work.
Personal information is also collected when:
- You complete our registration or information forms, or provide any other information in connection registration with Xigent;
- You complete Scope of Clinical Practice & Credentialing Applications for facilities;
- we receive or give any reference about you;
- we receive results of enquiries that we might make of your former employers, work colleagues, professional associations or registration body;
- We receive results of enquiries that we might make for information required for your job placement, such as to Medicare Australia, Australian Health Practitioner Regulation Agency, Department of Immigration (Visa Entitlement Verification Online) and the Australian Business Register;
- we receive the results of any competency, medical test, or background check;
- we receive performance feedback (whether positive or negative);
- We receive any complaint, information about any workplace incident in which you were involved, or other information from or about you in the workplace;
- we receive any information about any insurance investigation, litigation, registration or professional disciplinary matter, criminal matter, inquest or inquiry in which you are involved;
- you provide us with any additional information about you;
- electronically through our telecommunications and technology systems – see the section in this policy on electronic transactions;
Purposes for which we hold personal information
We primarily collect, hold, use and/or disclose personal information for the following purposes:
- Employment placement operations;
- Staff management;
- Risk management;
- Client and business relationship management;
- Marketing services to you; but only where this is permitted and whilst you are registered with us;
- Our management and resolution of any complaint, inquiry or investigation in which you are involved
- Any insurance claim or proposal that requires disclosure of your personal or sensitive information;
- Statistical purposes and statutory compliance requirements;
- For research, development, business systems and infrastructure testing, and other business purposes to assist us in providing our services to you
We may disclose your personal information for any of the purposes for which it is primarily held or for a related purpose where lawfully permitted.
- Potential and actual employers, clients of Xigent and trusted third parties
- Xigent employees and potential employers regarding possible work placements or to assist us in providing our services to you
- External providers of on-line training and induction – eg mandatory on-line H&S Induction
- Our insurers
- A professional association or registration body that has a legitimate interest in the disclosure of your personal and sensitive information
- A Workers Compensation body
We may disclose your personal information where we are under a legal duty to do so, including circumstances where we are under a contractual or lawful duty of care to disclose information.
We may disclose your personal information to overseas recipients in the following countries:
- New Zealand
- Papua New Guinea
- Other countries where Xigent may provide its services in the future
We do not share personal information about you with government agencies, organisations or anyone else unless one of the following applies:
- you have consented;
- you would reasonably expect, or have been told, that information of that kind is usually passed to those individuals, bodies or agencies;
- it is required or authorised by law;
- it will prevent or lessen a serious and imminent threat to somebody’s life or health;
- the disclosure is reasonably necessary for the enforcement of the criminal law or of a law imposing a pecuniary penalty, or for the protection of public revenue.
Outsourced Service Suppliers
We outsource a number of services to contracted service providers (CSPs) from time to time. Our CSPs may see some of your personal information. Typically our CSPs would include:
- I.T. contractors and database designers and service internet service suppliers, some of whom may be off shore;
- legal and other professional advisors;
- insurance brokers, loss assessors and underwriters;
- superannuation fund managers;
- background checking and screening agents;
- external accreditation / certification auditors.
All reasonable steps will be taken to ensure that terms of service with our CSPs recognise that we are bound by obligations to protect the privacy of your personal information and that they will not do anything that would cause us to breach those obligations
If you do not wish to have your personal information used for direct marketing purposes, you may contact our Privacy Officer and request not to receive direct marketing communications from us.
Personal Information Quality
We rely on you to tell us when there are changes to your personal information that we hold about you. This could be for example a change of address or employment status.
Children, Minors and Persons under a Legal Disability
Determining the decision-making capabilities of a person who is under a legal disability can be a complex matter, often raising ethical and legal issues.
We endeavour to address each case individually with a view to deciding whether the individual is able to give consent or receive notifications based upon an assessment of whether the individual has sufficient understanding to comprehend the nature and quality of what is being proposed.
In some circumstances, it may be appropriate for a parent, guardian, holder of an enduring power of attorney (or like authority) or next of kin to be contacted in any case in which consent is required or notification is to be given and where it is not practicable to obtain it from, or give it directly to, the individual.
Personal Information Security
At Xigent, we train our staff to respect the confidentiality of customer information and the privacy of individuals. Xigent regards breaches of your privacy very seriously, and any breach will result in disciplinary action being taken, dependent upon severity. Xigent have appointed a Privacy Officer to ensure that our management of personal information is in accordance with this policy and the relevant legislation.
Safeguarding the privacy of your information is important to us, whether you interact with us personally, by phone, mail, over the internet or other electronic medium. We hold personal information in a combination of secure computer storage facilities and paper-based files and other records.
We take such steps as are reasonable in the circumstances to protect the personal information that we hold from:
a) misuse, interference and loss; and
b) unauthorised access, modification or disclosure.
We take reasonable steps to destroy or permanently de-identify personal information when it is no longer required for any purpose for which it may be used or disclosed. However, it is not always practicable to destroy or de-identify electronic data. Where it is not reasonable to destroy or permanently de-identify personal information in electronic form, we will take reasonable steps to prevent inadvertent access to it.
Photos and Images
We will not request that you supply photographs, scan photo ID, or capture and retain video image data of you in cases where simply sighting photographs or proof of identity documents would be sufficient in the circumstances.
At times video surveillance which operates in or near our premises may capture images of you.
Inquiries and Complaints
You can make further inquiries or complaints about our privacy procedures to our Privacy Officer whose contact details are detailed in this Policy.
We aim to acknowledge receipt of all complaints within 48 hours, and aim to resolve all complaints within 30 working days. This may not be possible in all circumstances depending on the contents of the complaint. In this situation, we will respond to your complaint in a reasonable time. If you are not satisfied with our response to your complaint, in Australia you can contact the Australian Information Commissioner (OAIC).
You can also make complaints to the Privacy Authorities in your national, state or territory jurisdiction.
Complaints may also be made to RCSA with regard to Member conduct.
Although you can remain anonymous or use a pseudonym when contacting us it is impractical for Xigent to deal with you if you have not identified yourself.
We cannot guarantee that any recipient of your personal information will protect it to the standard to which it ought to be protected. The costs and difficulties of enforcement of privacy rights in foreign jurisdictions and the impracticability of attempting to enforce such rights in some jurisdictions will mean that, in some instances, we will need to seek your consent to disclose. However, we will take steps as are reasonable in the circumstances to ensure that an overseas recipient does not breach the Australian Privacy Principles in relation to the information.
Subject to some exceptions that are set out in privacy law, you can gain access to the personal information that we hold about you.
Important exceptions include evaluative opinion material obtained confidentially in the course of us performing reference checks and access that would impact on the privacy rights of other people. Access may be refused if it would breach any confidentiality that attaches to that information or if it would interfere with the privacy rights of other people. In many cases evaluative material contained in references that we obtain will be collected under obligations of confidentiality that we make, and which the communicator of that information is entitled to expect will be observed.
If you wish to obtain access to your personal information you should contact our Privacy Officer. You will need to be in a position to verify your identity.
We might impose a moderate charge in providing access. Our Privacy Officer would discuss this with you.
You should also anticipate that it may take a little time to process your application for access as there may be a need to retrieve information from storage and review information in order to determine what information may be provided. We will generally respond to your request for access within a reasonable time.
If you are able to establish that personal information we hold about you is misleading, irrelevant, not accurate, complete or up-to-date, we will take reasonable steps to correct it.
If we are unable to agree that personal information we hold about you is not misleading, relevant, accurate, complete and up-to-date, you may ask us to place with the information a statement by you that claims that particular information is misleading, irrelevant, not accurate, incomplete or out of-date.
If you wish to have your personal information corrected, you should contact our Privacy Officer who will respond within a reasonable period. You will need to be in a position to verify your identity.
This section explains how we handle personal information collected from our website www.xigent.com.au and by other technology in the course of electronic transactions.
It is important that you understand that there are risks associated with use of the internet and you should take all appropriate steps to protect your personal information.
It is important that you:
- Be careful what information you share on the Web.
- Use privacy tools on the site – control access to your search listing and profile.
- Make sure your anti-virus and data protection software is up-to-date.
Please contact our office by phone or mail if you have concerns about making contact via the internet.
Sometimes, we collect personal information that individuals choose to give us via online forms or by email, for example when individuals:
- ask to be on an email list;
- make a written online enquiry or email us through our website;
- submit a resume by email or through our website;
We gather information about all our website users collectively, such as what areas users visit more frequently and what services users access the most. We only use such data anonymously and in the aggregate. This information helps us determine what is most beneficial for our users, and how we can continually create a better overall website experience for you.
Our internet service provider iinet.com.au may record the following information for statistical purposes:
- the individual’s server address
- the individual’s top level domain name (for example .com, .gov, .org, .au, etc)
- the pages the individual accessed and documents downloaded
- the previous site the individual visited; and
- the type of browser being used.
We do not identify users or their browsing activities except, in the event of an investigation, where a law enforcement agency may exercise a warrant to inspect the internet service provider’s server logs.
If we use web bugs we will display a clearly visible icon on the page. The icon will include the name of the company collecting information and will be labelled as a tracking device. The Web bug will be linked to a page disclosing what data is collected, how it is used, and which companies receive the data. Web visitors will be able to opt out of data collection by Web bugs. Web bugs will not be used to collect sensitive information.
Cloud Computing Services
We cannot guarantee that any recipient of your personal information will protect it to the standard to which it ought to be protected. The costs and difficulties of enforcement of privacy rights in foreign jurisdictions or against third parties and the impracticability of attempting to enforce such rights in some jurisdictions will mean that in some instances, we will need to seek your consent to disclosure.
In cases where we use cloud computing services we will take reasonable steps to ensure that:
- disclosure of your personal information to the cloud service provider is consistent with our disclosure obligations under the Privacy Principles. This may include ensuring that we have obtained your consent, or that the disclosure is for purposes within your reasonable expectations.
- disclosure is consistent with any other legal obligations, such as the restrictions on the disclosure of tax file number information.;
- our cloud computing services provider’s terms of service recognise that we are bound by obligations to protect the privacy of your personal information and that they will not do anything that would cause us to breach those obligations.
Social Networks and Web Searches
In order to assess your suitability for positions and to assist you to find work, we will need to collect, use and disclose personal information about you. It has become common practice in some places for employment service providers to conduct background checking via social network media sites frequented by candidates.
We will not conduct background checking via social network media sites other than those that you identify and authorise us to check. However we do conduct internet searches using search engines (such as Google) and entering your name and relevant identifying details.
Please make sure that you do not upload photographs of any individuals who have not given consent to the display of their photograph. Displaying photographs without that person’s consent may breach privacy laws, and you may be responsible for any legal consequences.
Our technology systems log emails received and sent and may include read and receipt notifications to enable tracking.
When your email address is received by us because you send us a message, the email address will only be used or disclosed for the purpose for which you have provided it and it will not be added to a mailing list or used or disclosed for any other purpose without your consent other than as may be permitted or required by law.
Call and message logs
Our telephone technology (systems and mobile phones) logs telephone calls and messages received and sent and enables call number display.
When your call number is received by us because you phone us or send us a message, the number will only be used or disclosed for the purpose for which you have provided it and it will not be added to a phone list or used or disclosed for any other purpose without your consent other than as may be permitted or required by law.
Teleconferences and Video conferences
Teleconferences and video conferences may be recorded with your consent. In cases where it is proposed that they be recorded, we will tell you first the purpose for which they are to be used and retained.
We use recruiting software and databases to log and record recruitment operations.
Recognising the environmental advantages and efficiencies it provides, we operate a partially paperless office as a result of which your paper based communications with us may be digitised and retained in digital format, and the paper based communications may be culled.
It is therefore important that, except where specifically requested, you do not send us originals of any paper based document and that you retain copies for your own records.
Where we do request original paper based documents we will return them to you once they are no longer required by us for the purpose for which they may be used or disclosed.
Xigent seeks service delivery feedback via an electronic questionnaire linked from emails and our website. This information becomes the property of Xigent, but is not personally identified. We may use this feedback to improve our service delivery and for marketing purposes.
Feedback may be collected by other means (such as phone or email), and used to improve service delivery. We will always obtain your permission prior to using the information (such as success stories or endorsements) for marketing or other purposes.
This policy may change over time in light of changes to privacy laws, technology and business practice. If you use our website regularly it is important that you check this policy regularly to ensure that you are aware of the extent of any consent, authorisation or permission you might give.