The George Institute for Global Health, together with its subsidiaries and associated companies worldwide (“The George Institute”, “we” and “our”) is committed to handling personal information (including health and other sensitive information) in accordance with applicable privacy laws, including the Australian Privacy Principles (“APPs”) set out in the Australian Privacy Act 1988 (Cth).
We have adopted the APPs as the minimum standard across all of our offices worldwide. We also comply with the ICH Guidelines for Good Clinical Practice with respect to the use, protection and security of health information collected, as well as guidelines issued by the National Health and Medical Research Council of Australia (NHMRC) in respect of health information that may be accessed in the conduct of research.
We collect personal information reasonably necessary for one or more of our functions or activities as a medical research organisation. The types of personal information we generally collect may include your name, date of birth, address and other contact details such as your telephone numbers and email address. Depending upon the purpose of our interaction with you, we may collect additional personal information. More details about the personal information we collect (and why) are provided below.
We (or an approved third-party operating on our behalf) will collect personal information and health information (and at times, other sensitive information) from individuals who participate in human research studies and clinical trials undertaken by The George Institute (or our related entities, including George Clinical).
Such information collected may include: gender, nationality, heritage, and date of birth; medical history and treatments; Medicare number (or similar) and private health insurance information; current medications and treatments; health services and treatments; symptoms, test results and hospital care; and consequential health factors.
The information is collected for the purposes of medical research and analysis pertaining to the research study or trial, to comply with laws and regulatory guidelines relating to medical research and clinical trials, and to substantiate the findings and publication of research results.
We may also collect personal information of health practitioners and health providers who are involved in the care of study participants (e.g. general practitioners, physiotherapists, other healthcare service providers). Such information collected may include name, address, contact details, professional qualifications, experience, and interaction records with us (as part of the particular research study or trial). This information is collected for the purpose of administration, management and operation of The George Institute and the particular research study or trial.
We may also collect the personal information of medical experts, researchers and other professionals advising on, overseeing, or assisting in the conduct of a particular research study or trial. Such information collected may include name, address, contact details, professional qualifications and experience, and registration information.
We may collate statistical data from study/trial results that we have collected over years for the purposes of future research, or advising on healthcare policy to Governments and decisionmakers.
As part of the ordinary course of business operations, we may capture and record personal information from our dealings with partners, business alliances and service providers. Such information is collected for administrative, management, and audit purposes.
We may collect personal information (e.g. name and contact details) from those who contact us (by phone or in person). Also, when accessing our websites (refer to “How do we collect and hold your personal information‟ section below). Such information is collected in order to deal with you and improve our services.
We are required to collect personal information from donors and supporters of TGI in order to comply with laws and issue tax receipts. Information collected may include name, contact details and payment details. We may collect personal information when we are canvassing recruitment of staff and PhD students. You may also supply personal information to us when applying for open positions, and we may collect your personal information from third-parties (e.g. referees) as part of the assessment and recruitment process. Such information collected may include educational and academic background, work history, skill-set and capabilities. We may collect similar personal information from volunteers who apply to work with The George Institute.
Where lawful and practical, you will be given the option to deal with us without identifying yourself or by using a pseudonym (e.g. when inquiring about the activities that The George Institute undertakes).
However, to participate in a research study, we must (by law) obtain your personal information – you cannot deal with us anonymously.
How do we collect and hold your personal information?
We aim to collect your personal information directly from you: when you first make contact with us (e.g. phone, in person, email or via our website); when you agree to participate in a research study or trial (e.g. through the study information/consent process); and when dealing with us as part of ordinary business.
We may collect your personal information from a third-party, such as your medical or health provider (e.g. GP, hospital) and an information document (including requisite privacy disclosures) will be given to you by that provider.
When accessing our websites, we may make a record of your user service address and internet provider name and address, the date and time of your visit, the pages you accessed and any documents downloaded, any website visited prior to accessing our site and the type of browser used. This information (which is unlikely to contain personal information) is collected to monitor the activity on our websites (including the popularity of certain pages and information presented on our websites, and linkages to information), to consider improvements to the delivery, presentation and types of information on our websites (including cost/benefit analysis), and ensure the protection of our intellectual property and reputation.
We hold personal information in paper-based and electronic records and systems.
Personal information collected in paper-based documents may be converted to electronic form for storage (with the original paper-based documents either archived or securely destroyed).
The George Institute uses physical security and other measures to ensure that personal information is protected from misuse, interference and loss, and from unauthorised access, modification and disclosure.
Personal information held in paper-based form is generally securely stored at our offices, with archived records held at an external storage facility. Our databases and their contents remain at The George Institute and stay with data processors or servers acting on our behalf and responsible to us.
We maintain computer and network security by using firewalls, user identifiers and passwords to control access to our computer system.
Donations and registrations made on The George Institute website use encryption methods and credit card data is stored using systems compliant with the Payment Card Industry Data Security Standard.
We may disclose your personal information to our staff, related parties, and approved third parties (e.g. agents, service providers, collaborators and research partners) who are working on the study or research program for which your personal information was collected; but only to such persons who need to know. Our staff must comply with privacy and confidentiality terms as part of their employment with us. To be an approved third-party of TGI, that party must be subject to similar privacy and confidentiality laws, or have a professional and/or contractual obligation of confidence.
We may also disclose your personal information as directed or permitted by law or court order.
Depending on the circumstances and the location where the study or research program is being conducted or coordinated, the above-mentioned may involve a cross-border disclosure. Our studies are often internationally based and our staff, agents, service providers, collaborators and research partners may be located overseas, e.g. Canada, the United Kingdom, the European Union, India and China. This will be explained in the study protocol and information documents.
Whenever possible, your personal information will be de-identified (and aggregated with others) before disclosure.
It is unlikely that personal information collected outside a study or research program (such as information collected during the ordinary course of business activities) will be disclosed outside of The George Institute.
You may request access to, or seek correction of, your personal information that is held by The George Institute, by writing to the Privacy Officer:
Address: Level 1, 1 King Street, Newtown, NSW 2031; or Email: email@example.com
Typically, we will respond to your request within 10 business days.
In your request, please ensure that you provide a reply address, so that we can contact you if we are unable to locate your personal information or cannot carry out your request (in which case, we generally tell you why).
Please set out your complaint in writing to the Privacy Officer:
Address: Level 1, 1 King Street, Newtown, NSW 2031; or Email: firstname.lastname@example.org
Please provide sufficient information, so that the Privacy Officer can consider your concerns and contact you. Typically, we will respond to your complaint within 10 business days.
If you are not satisfied with our response, or you consider that we may have breached the Australian Privacy Principles or the Privacy Act 1988 (Cth), you are entitled to make a complaint to the Office of the Australian Information Commissioner. The Office of the Australia Privacy Commissioner can be contacted by telephone on 1300 363 992 or full contact details can be found online at www.oaic.gov.au.
Please refer to our website www.thegeorgeinstitute.org for the latest copy.