HOW PERSONAL INFORMATION IS HELD
Insight Training’s usual approach to holding personal information includes robust storage and security measures at all times. All electronic data is stored on servers based in Sydney Australia. Information on collection is:
- As soon as practical converted to electronic means;
- Stored in secure, password protected systems, such as financial system, learning management system and student management system; and
- Monitored for appropriate authorised use at all times.
Only authorised personnel are provided with login information to each system, with system access limited to only those relevant to their specific role. Insight Training ICT systems are hosted externally with robust internal security to physical server locations and server systems access. Virus protection, backup procedures and ongoing access monitoring procedures are in place.
Destruction of paper based records occurs as soon as practicable in every matter, through the use of secure shredding and destruction services at all Insight Training sites.
Individual information held across systems is linked through a Insight Training allocated identification number for each individual.
Insight Training takes active measures to consider whether we are able to retain personal information we hold, and also to ensure the security of personal information we hold. This includes reasonable steps to protect the information from misuse, interference and loss, as well as unauthorised access, modification or disclosure.
We destroy or de-identify personal information held once the information is no longer needed for any purpose for which the information may be legally used or disclosed.
Access to Insight Training offices and work areas is limited to our personnel only – visitors to our premises must be authorised by relevant personnel and are accompanied at all times. With regard to any information in a paper based form, we maintain storage of records in an appropriately secure place to which only authorised individuals have access.
Regular staff training and information bulletins are conducted with Insight Training personnel on privacy issues, and how the APPs apply to our practices, procedures and systems. Training is also included in our personnel induction practices.
We conduct ongoing internal audits (at least annually and as needed) of the adequacy and currency of security and access practices, procedures and systems implemented.
Posted in:
Tags:
Current Blog
HOW PERSONAL INFORMATION IS HELD