Privacy policy

Background

The Australian Hand Therapy Association values and is committed to protecting your privacy.

The Privacy Act 1988 regulates the way individuals’ personal information is handled.

As an individual, the Privacy Act gives you greater control over how your personal information is handled. The Privacy Act allows you to:

• know why your personal information is being collected, how it will be used and who it will be disclosed to.
• have the option of not identifying yourself or of using a pseudonym in certain circumstances.
• ask for access to your personal information (including your health information).
• stop receiving unwanted direct marketing.
• ask for personal information that is incorrect to be corrected.
• make a complaint about an organisation or agency the Privacy Act covers if you think they’ve mishandled your personal information.

Scope

This privacy policy tells you:

1. what kinds of personal information does the association collect and store?
2. how will the association collect personal information, and where will it be stored?
3. the reasons why the association needs to collect personal information.
4. how the association will use and disclose personal information.
5. how you can access your personal information, or ask for a correction.
6. how to lodge a complaint if you think your information has been mishandled, and how the association will handle your complaint.
7. if the association is likely to disclose your information outside Australia and, if practical, which countries it is likely to disclose the information to.

 Definitions

Personal information

Personal information includes a broad range of information or opinions that could identify an individual. What is personal information will vary, depending on whether a person can be identified or is reasonably identifiable in the circumstances.

For example, personal information may include:

• an individual’s name, signature, address, phone number or date of birth.
• sensitive information.
• credit information.
• employee record information.
• Photographs.
• internet protocol (IP) addresses.
• voice print and facial recognition biometrics (because they collect characteristics that make an individual’s voice or face unique).
• location information from a mobile device (because it can reveal user activity patterns and habits).

The Privacy Act 1988 does not cover the personal information of someone who has died.

Sensitive information

Sensitive information is personal information that includes information or an opinion about an individual’s:

• racial or ethnic origin.
• political opinions or associations.
• religious or philosophical beliefs.
• trade union membership or associations.
• sexual orientation or practices.
• criminal record.
• health or genetic information.
• some aspects of biometric information.

Generally, sensitive information has a higher level of privacy protection than other personal information. Sensitive information cannot be collected without consent.

Personal information

What personal information do we collect? 

We may collect the following types of personal information: 

• Name.
• Contact information.
• Professional qualifications.
• Demographic information.
• Payment details including credit card details.
• Dietary requirements.
• Website interactions.
• Emails.
• CPD.
• Workplace information.

How do we collect personal information?

Member Information: When you become a member of the AHTA, we collect your name, contact information, professional qualifications, demographic information, and other relevant details necessary for membership and association management. 

Event and Course Registrations: When you register for our events, webinars, courses, or conferences, we may collect your name, contact information, payment details, and dietary or accessibility requirements. 

Website usage: We collect information about your interactions with our website, including your IP address, browser type, pages viewed, and other browsing data through cookies and similar technologies.

Communications: We may collect information related to your communications with us, including emails, phone calls, or other forms of communication. 

Cookies: As part of the regular operation of the AHTA website, a user will be sent a "cookie" (a temporary internet file). This cookie enhances the site's functionality with membership login and electronic ordering features. This cookie can only identify your computer to AHTA’s server; it is not used to identify you personally. 

Credit card information: We may collect credit card details to make a payment; however, our system does not permanently store credit card information.

Why do we collect personal information? 

We use your personal information for the following purposes: 

• Membership Management: To manage membership, including processing applications and renewals and communicating with members. 
• Event and Course Management: To register you for events, webinars, courses, or conferences and provide you with event-related information. 
• Communication: Send updates, newsletters, and information about our activities and services. 
• Website Improvement: Improve our website, content, and user experience. 
• Legal Obligations: To comply with legal and regulatory requirements. 

How will we use and disclose personal information (in Australia or internationally)? 

We may disclose your personal information to: 

• Consumers: The AHTA's 'Find a therapist’ online directory discloses workplace contact information to the public. Members may elect not to be listed in this directory. 
• Third parties: We limit the sharing of personal information to third parties. The association manages events, communications, and the website; therefore, sharing your personal information is unnecessary. However, from time to time, some third-party service providers assist us with some members' services, e.g., supply of display stickers. In these instances, we share name and postal address.
• We will never share a member’s phone number, email address or primary address.
• Personal information will never be sold to third parties.
• Legal and regulatory authorities: When required to comply with legal obligations or respond to lawful requests from government authorities. 

How long will the data be kept, and how will it be securely destroyed when no longer required / consent is revoked?

A member's personal information is kept if a member has a current membership. Expired or retired member data is held on the AHTA’s member database for historical purposes and to allow the association to contact the member in the future if required, for example, a 40-year celebration.

If a member or ex-member requests the removal of personal information, the record is deleted from the system.

Sensitive information

What sensitive information does the association collect?

We may collect the following types of sensitive information: 

Racial or ethnic origin: Aboriginal or Torres Strait Islander.

How do we collect sensitive information?

This information is collected on the membership portal. Providing this information is optional.

Why do we collect sensitive information? 

The AHTA participates in a Member Profile data collection survey undertaken by the Allied Health Professions Association (AHPA). The collection of this data is a requirement of the Health Peak and Advisory Body grant to contribute to a better understanding of Allied Health by the Commonwealth Department of Health and Ageing.

How will we use and disclose sensitive information? 

AHPA collects the total number of members with the racial or ethnic origin: Aboriginal or Torres Strait Islander, not an individual's ethnic origin.

Security of your information 

The AHTA contracts Cyber Security expertise and has prioritised mitigation strategies to protect itself and members against various cyber threats. The most effective of these mitigation strategies are the Essential Eight. 

https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/essential-eight/essential-eight-explained

We take the protection of personal information from unauthorised access, use, or disclosure seriously and employ strategies from the Essential Eight including:

• patch applications
• patch operating systems
• multi-factor authentication
• restrict administrative privileges
• application control
• restrict Microsoft Office macros
• user application hardening
• regular backups.

How can you access personal information or ask for a correction?

Access and correction of personal information is through a member’s portal.

A member may request deletion of your personal information, subject to legal and contractual obligations. 

A member may request via email to opt-out of receiving marketing communications. 

How can you lodge a complaint?

If you believe your privacy rights have been violated, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC). 

Changes to this Privacy Policy 

We may update this Privacy Policy occasionally to reflect changes in our practices or legal requirements. The updated policy will be posted in the By Laws, Policies and Guidelines and on our website. 

Contact Us 

If you have any questions, concerns, or requests related to this Privacy Policy or your personal information, please Contact us