Privacy Policy

How will my privacy be protected?

CSIRO is governed under the Privacy Act 1988 (Cth).  CSIRO is collecting your personal information for the purposes of conducting the program and related scientific research.  CSIRO will only use and disclose your personal information in accordance with the Privacy Act 1988 and the NH&MRC National Statement on Ethical Conduct in Human Research (2007) as amended from time to time, and as otherwise required by law. 

In relation to studies conducted by CSIRO, it is customary for all personal information to be identified by a code and stored at CSIRO under lock and key for a period of at least 15 years. Except where otherwise required by law or a government body, at the end of this period your records will be destroyed or permanently de-identified.  

Where third parties are assisting CSIRO in relation to the conduct of this study (such as university staff, students and other health professionals), we may disclose your personal information to those third parties for this purpose on a confidential basis. Your personal information may be disclosed to partners and collaborators including:

  • the Department of Health and Aged Care;
  • the Australian Digital Health Agency, HL7 Australia; and
  • specialist medical colleges listed by the Australian Medical Council.

CSIRO will require such third parties to keep this information confidential and to only use your personal information for the purposes of the study and otherwise in accordance with the Privacy Act 1988.

We will not use or disclose your information for direct marketing purposes. 

The personal information you provide while participating in the program, including your name, email address, affiliations and any opinions, input, or content you provide, is collected for the purpose of conducting this program and related research.  

The personal information you provide while participating in the program may be posted on the publicly accessible program confluence page. This is key to an open and transparent process to co-design and co-develop the resulting standards.  The publicly accessible confluence site allows read-only access to anyone in the world, while write-access requires user registration. Any comments or attachments posted on the confluence page will include attribution to the user as part of the process.  

We note that your contributions in the program or via Confluence may include sensitive information, such as political and philosophical beliefs. You are not required to provide any such information in your response. However, if you do provide such information, it will be taken as your consent to provide that information to us.

CSIRO has obligations under APP 8 when disclosing data overseas. Where an individual consents to an overseas disclosure CSIRO no longer has those obligations. By participating in the project and signing the consent form below, you are consenting to your personal information being published on the CSIRO Confluence site, which is accessible by anyone in the world and may be stored on Confluence servers which may be located overseas. Further, you acknowledge and consent to your personal information being collected and held on Microsoft or servers, which may be located overseas, and acknowledge that CSIRO is not required to comply with APP 8 in relation to that information.

If you choose to participate in Mentimeter polling during the program, you also consent to information you provide via Mentimeter being held on Mentimeter’s servers in locations including Ireland and the United States. Mentimeter’s data handling procedures are explained in the Mentimeter security policy.  By participating in this project and signing this consent form, you will consent to the potential disclosure of your personal information to overseas recipients through Mentimeter, Confluence and/or Microsoft.  Where personal information is disclosed to an overseas recipient with your consent as provided in this consent form, APP 8 will not apply in relation to the handling of that personal information.  If the overseas recipient handles your personal information in breach of the APPs, the entity will not be accountable under the Privacy Act and you will not be able to seek redress under the Privacy Act.

The reports and standards developed during the course of the project will not contain information directly attributable to participants but will rather reflect the decisions that results from the collaborative process of the working groups.

 The CSIRO Privacy Policy available at https://www.csiro.au/en/About/Access-to-information/Privacy outlines:

  • How your personal information will be handled;
  • How you can seek access to or correction of the personal information we hold about you; and
  • How you can complain about a breach of the APPs and how CSIRO will deal with the complaint.

If you require further information on how your personal information will be handled, please contact privacy@csiro.au