This policy explains:
- what types of personal information we might collect;
- how we aim to use personal information;
- when we will disclose personal information to others;
- how you can access personal information that we hold about you; and
- how we manage and secure personal information.
About Linear Clinical Research Limited (LCR)
LCR is a purpose-built Phase I facility that supports first in human through to phase II clinical trials and is co-located within a major research precinct and tertiary teaching hospital. LCR has the Australian advantage of fast regulatory approval time to achieve first-in-human clinical data and extensive experience in adaptive healthy volunteer / patient protocol designs.
LCR provides international biopharmaceutical companies access to Australia’s brightest minds and talented clinical research professionals for innovative medicines. Research and the clinical trial is a fundamental tool of modern medicine – the clinical trial is the medical invention that has contributed to nearly all of the lifesaving medicines that we know today. LCR’s rapid and quality-driven services secure innovative, world class clinical research trials to ultimately improve patient health outcomes world-wide.
We have an existing unique collaboration with a 600 bed tertiary teaching hospital (Sir Charles Gairdner Hospital, SCGH) and the State Health Department, to perform healthy volunteer studies and recruit different patient populations from anywhere in the State into early phase clinical research. This connection also enables us to work with specialised physicians for a variety of therapeutic areas.
LCR collects, holds, uses and discloses personal information to carry out these functions or activities.
Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable:
- whether the information or opinion is true or not; and
- whether the information or opinion is recorded in a material form or not.
Sensitive information means:
- information or an opinion about an individual’s:
- racial or ethnic origin;
- political opinions;
- membership of a political association;
- religious beliefs or affiliations;
- philosophical beliefs;
- membership of a professional or trade association;
- membership of a trade union;
- sexual orientation or practices; or
- criminal record,
- that is also personal information;
- health information about an individual;
- genetic information about an individual that is not otherwise health information;
- biometric information that is to be used for the purpose of automated biometric verification or biometric identification; or
- biometric templates.
Health information means:
- information or an opinion about:
- the health, including an illness, disability or injury, (at any time) of an individual; or
- an individual’s expressed wishes about the future provision of health services to the individual; or
- a health service provided, or to be provided, to an individual;
that is also personal information;
- other personal information collected to provide, or in providing, a health service to an individual;
- other personal information collected in connection with the donation, or intended donation, by an individual of his or her body parts, organs or body substances;
- genetic information about an individual in a form that is, or could be, predictive of the health of the individual or a genetic relative of the individual.
De‑identified information means personal information that is no longer about an identifiable individual or an individual who is reasonably identifiable.
Collection of Personal Information
As a participant or prospective participant in a clinical trial, the collection of personal and sensitive private information is a necessary part of ensuring that:
- the participant’s safety is paramount;
- we are able to communicate with you in a timely manner;
- we are able to provide you with information about clinical trials;
- only suitable participants are included in clinical trials;
- a diverse population of participants is enrolled into a clinical trial (where the clinical trial protocol allows for such diversity); and
- we comply with our legal obligations.
As a participant or prospective participant in a clinical trial, the information that may be collected from you may include, but is not limited to:
- date of birth;
- address and other contact details, including email address and telephone numbers;
- driver’s licence number and expiry date;
- tax file number;
- bank account details;
- current employment and employment history;
- employment conditions;
- physical or mental health;
- disability status;
- racial or ethnic origin, cultural background or culturally sensitive issues;
- Medicare card number;
- details related to health status – past and present;
- details related to lifestyle factors such as smoking status, use of drugs (prescribed, over-the-counter and illicit), consumption of alcohol; and
- details related to body height, weight and other physiological measurements (e.g. heart rate, blood pressure, etc).
LCR may also collect personal information (including sensitive information) about you from publicly available sources.
We will also collect health information from clinical trial participants. This health information is sensitive information and will be subject to greater regulation under the Australian Privacy Principles.
Personal information that has been de-identified is no longer considered to be personal information. Similarly, personal information that is in the public domain is no longer considered to be personal information.
Updating your Personal Information
We aim to keep all personal information up‑to‑date and accurate and so we encourage you to let us know of any changes in your personal information, including your contact details.
Use and Disclosure of your Personal Information
Access to LCR records and disclosure of your personal information is limited to those who have an operational need or who have legislative authority. These include but are not limited to:
- LCR Chief Executive Officer (CEO) and staff;
- auditors appointed by sponsors, certifying authorities or ethics committees;
- the Commonwealth Ombudsman;
- the Office of the Australian Information Commissioner;
- Administering Institutions;
- the Australian Taxation Office; and
- the Australian Federal Police.
LCR will not be taken to have breached its obligations under this policy or the Privacy Act where:
- a person has consented to the use or disclosure of their personal information;
- a purpose for which the personal information is to be used is directly related to the purpose for which it was collected;
- a person would reasonably expect, or has been told, that personal information may be published or passed to certain individuals, bodies or agencies (e.g. if requested by the Australian Taxation Office);
- the disclosure of personal information:
- is required or permitted by law; or
- will prevent or lessen a serious and imminent threat to somebody’s life or health,
- there is a reasonable belief that the disclosure of the personal information is for a purpose directly related to the enforcement or investigation of a possible breach of a Commonwealth, State or Territory law; or
- the personal information is in the public domain.
Access, Correction and Removal of your Personal Information
You have specific rights under Australian Law to request access to and correction of personal information that LCR holds about you.
You can request access to the personal information that LCR holds about you subject to certain exceptions under the Privacy Act. You are also entitled to specify how you wish to access your personal information, so long as this is reasonable and practicable. In order to access your personal information please discuss this with the LCR Chief Executive Officer (CEO).
Given that the information we will have is of a sensitive nature we will need to verify the identity of anyone requesting access to your personal information, so as to ensure that we do not provide that information to a person or people who do not have the right to access that information. In furtherance of this objective we ask that any requests for information be as specific as possible so that we can accommodate your request. We will usually provide you with access within thirty (30) days of a request but in some circumstances it may take longer.
Please note that under Australian law, LCR is entitled to refuse you access to your information in the following circumstances:
- where access would be unlawful;
- denying access is required or authorised by or under an Australian law or a Court / Tribunal order; or
- access would prejudice enforcement activities or the taking of appropriate action in relation to unlawful activity or serious misconduct.
LCR takes every step that is reasonably practicable to ensure that the personal information we collect, use and disclose is accurate, complete and up‑to‑date. To facilitate this, please let us know if any of your details change or in the event you wish your personal information to be removed from our database as the Privacy Act gives you the right to request correction or removal of the personal information we hold or if that personal information is incorrect. In order to do so, please contact LCR via our email at email@example.com or Telephone: +61 (08) 6382 5100
In the event we do not agree to your request for correction or removal, we will give you notice of this outlining our reasons and what next steps you can take. You may also request us to associate a statement with that information to the effect that the information is inaccurate, out of date, incomplete, irrelevant or misleading so that it is apparent to any users of the information.
No Sale of Personal Information
Under no circumstances will LCR sell or receive payment for licensing or disclosing your personal information.
Storage and Security of Personal Information
LCR takes steps to protect the security of the personal information it holds from both internal and external threats by:
- holding this information on secure servers in controlled facilities
- regularly assessing the risk of misuse, interference, loss, and unauthorised access, modification or disclosure of that information;
- taking measures to address those risks, for example, keeping a record (audit trail) of when someone has added, changed or deleted personal information held in our electronic databases and regularly check that staff only access those records when they need to; and
- conducting regular internal and external audits to assess whether LCR has adequately complied with or implemented these measures.
For further information on the way LCR manages security risks in relation to personal information please contact us via email at firstname.lastname@example.org.