Before your training organisation applies for a USI on behalf of a student, you are required under the Student Identifiers Registrar’s terms and conditions to give the student a privacy notice explaining how their personal information will be used.

To assist your organisation in meeting this requirement, we have developed a Privacy Notice which you can incorporate in your student information.

If your organisation wishes to include information on the USI in your enrolment form and obtain a student’s authorisation for your organisation to apply for a USI on their behalf, we also have suggested text that you can use.

Training organisations should also note the following:

• You may be an Australian Privacy Principle (APP) entity bound by the Privacy Act 1988 or an entity bound by State or Territory Privacy legislation. Please consider whether your organisation is bound by any privacy legislation and, if so, what your organisation’s obligations under such legislation would be. You should seek independent legal advice as to what your privacy obligations may be.

• Please note, in addition to the above, if your organisation contravenes sections 11, 16 or 17 of the Student Identifiers Act 2014, then pursuant to section 23 of the Student Identifiers Act 2014, your organisation will be considered to be an APP entity bound by the Privacy Act 1988 and the contravention may be subject to investigation by the Information Commissioner.

• Where your organisation is bound by Commonwealth or State or Territory Privacy legislation, your organisation may need to provide students, either in connection with applying for the USI on their behalf or more generally as part of the enrolment information, advice about how the student’s information is stored and protected, such as secure server at the Registered Training Organisation, third-party server in the cloud, or if hard-copy, in a locked file/cupboard.