• Complaints about TEQSA policy

    Body

    Purpose

    This policy sets out principles that inform TEQSA’s approach to managing complaints about TEQSA’s practices and services, or about the actions of a TEQSA employee or contractor and its complaints handling process.

    Scope

    This policy applies to external complaints about practices and services that TEQSA provides to its external stakeholders, and external complaints about the actions of TEQSA employees or contractors, including complaints alleging TEQSA employee or contractor bias.

    This policy does not cover:

    • complaints about regulatory decisions by TEQSA—these are covered by review and appeal provisions
    • complaints about fees or charges for TEQSA applications—these are set by legislative instrument
    • complaints about higher education providers—these are covered by TEQSA’s policy on complaints about providers
    • internal complaints about TEQSA’s practices and services—these are covered by TEQSA’s internal grievance and public interest disclosure procedures
    • investigations about TEQSA conducted by the Commonwealth Ombudsman. Information about making complaints to the Commonwealth Ombudsman can be found on its website.

    Principles that guide complaint handling

    1. TEQSA aims to provide high quality services to all stakeholders, and invites complaints from external stakeholders when its practices or services, or the actions of its employees or contractors, do not meet the standards set out in its Service Charter.
    2. All complaints against TEQSA or its employees will be considered seriously.
    3. Complaints about TEQSA will be handled in a way that is prompt, respectful, responsive, fair and consistent.
    4. Principles of procedural fairness will be applied to all parties when investigating and responding to a complaint about TEQSA’s activities and practices, and about the activities and practices of its staff.
    5. TEQSA will use findings following investigation of a complaint to improve its practices and services to stakeholders.

    Complaints handling process

    1. TEQSA does not restrict the manner in which a complaint may be made. However, in general, complaints should be submitted by email to review@teqsa.gov.au.
    2. If a complainant provides contact information, TEQSA will confirm receipt of the complaint, and provide information about how TEQSA complaint will handle the complaint (including, as far as possible, the timeframe in which TEQSA will consider and respond to it).
    3. Consideration of complaints about TEQSA and staff members will be coordinated by TEQSA’s Legal Team, except in the case of a complaint about the Legal Team or a member of the Legal Team. In the case of complaints about the Legal Team or a member of the Legal Team, they will be referred to the TEQSA CEO—and TEQSA’s consideration of them will be informed by TEQSA’s conflict of interest policy and any other relevant policies. Depending on the nature and complexity of the complaint(s), the TEQSA CEO may also seek external legal advice about any complaint(s) made about the Legal Team or a member of the Legal Team.
    4. Complaints are handled in accordance with TEQSA’s privacy and confidentiality obligations (TEQSA’s privacy policy) In particular, to the extent that TEQSA proposes to disclose a complainant’s personal details, the complainant’s consent will be sought.
    5. Subject to TEQSA’s confidentiality obligations, complainants are informed of the action TEQSA takes in response to a complaint.
    6. Records of complaints about TEQSA will be maintained separately from other complaints, including from records of complaints about providers.
    7. Where a complaint falls outside TEQSA’s remit, the complainant will be informed of any other agencies to which the complaint may be relevant.
    8. TEQSA may decide not to investigate a complaint found to be fraudulent, vexatious or vindictive.

    Further information

    Further information about TEQSA’s approach to the management and handling of complaints about TEQSA can be obtained by directing an email enquiry to: review@teqsa.gov.au

    Stakeholder
    Publication type
  • TEQSA’s approach to consultation

    Body

    Why does TEQSA consult?

    TEQSA takes a partnership approach to regulation of the higher education sector. As part of this, TEQSA will seek to consult stakeholders when we consider or propose changes that may meaningfully inform or impact regulation of the higher education sector.

    TEQSA values feedback from stakeholders and recognises consultation and engagement supports improvements in regulation and providers’ capacity for self-assurance. 

    Principles of consultation

    TEQSA’s approach to consultation is consistent with its overall regulatory philosophy of partnership with the sector. It is also guided by the principles of reflecting risk, proportionality, and necessity. 

    1. Broad consultation

    TEQSA endeavours to consult with the full range of stakeholders within the Australian higher education system. It recognises that the sector is diverse and the views and interests of stakeholders may vary depending on their size, nature of operations and location. TEQSA’s approach to consultation aims to capture the breadth and diversity of stakeholders affected by any proposed changes, and also considers whether the impact of proposals is likely to differ among providers. 

    TEQSA may establish and refer to a ‘TEQSA Reference Group’ as part of its consultation process, where appropriate.

    2. Clear purpose and scope

    TEQSA will clearly explain the objectives of a consultation process. The focus and scope of consultation will be directly linked to meeting the objects of the Tertiary Education Quality and Standards Agency Act 2011 (TEQSA Act). This includes monitoring provider compliance with the Higher Education Standards Framework (Threshold Standards) 2021. Consultation documents will clearly set out the consultation process, what is being proposed, the scope to influence and benefits of the proposal. 

    3. Enough time

    TEQSA believes consultation on proposals should start early and continue at key stages in the development of a proposal when there is scope to influence the outcome. TEQSA will aim to put sufficient information in the public domain to allow stakeholders to provide an informed view. TEQSA will also allow enough time for consideration of the potential outcome of the proposal.

    The duration of a consultation process will be appropriate for each proposal’s purpose and scope. If a consultation extends over a holiday period, TEQSA will take this into consideration when setting the response cut-off date. If a shorter consultation exercise is unavoidable, TEQSA will make clear the reasons for this. 

    4. Accessible

    TEQSA is aware of the importance of ensuring consultation processes and documents can be easily accessed by stakeholders. Channels of communication may include direct email, correspondence, website, survey tools, forums, use of reference groups, or a combination of these. If a stakeholder has difficulty accessing any of TEQSA’s published documents, TEQSA will address this in a timely manner.

    5. Minimal burden

    Where possible, TEQSA appreciates that keeping the potential impact of consultation to a minimum is essential to effective consultation. Wherever possible, TEQSA will make best use of existing data and will ask stakeholders to add to or validate this information. Where feasible, TEQSA may ‘join up’ consultation exercises to reduce the administrative burden associated with multiple consultation processes.

    Where possible, TEQSA will consider of the timing of any other consultations with the sector that are being planned by other Australian Government regulatory or policy agencies (e.g. the Department of Education or the Australian Skills Quality Authority). This is to avoid a situation where providers are overloaded with requests to contribute to government consultations or are asked for the same or similar information by different agencies.

    6. Clear feedback on outcomes

    TEQSA will provide, to the extent possible, clear feedback to participants following each consultation, primarily via an analytical summary of the responses received and an explanation of how the consultation exercise influenced the development of the proposal under consideration. This will be done as soon as practicable after the close of the consultation exercise. In keeping with good practice, TEQSA understands that this approach demonstrates openness and transparency and increases stakeholder trust in the consultation process.

    The summary of responses will generally also list those who responded to the consultation exercise, the means by which responses were received (for example, formal responses and other channels such as meetings and online discussion forums) and an indication of the range of responses to each question.

    On occasion, TEQSA may publish submissions made to TEQSA. This intention will generally be made known to stakeholders at the time submissions are sought. If TEQSA decides to publish submissions, permission will be sought prior to publication.

    7. Improvement

    TEQSA will formally evaluate each consultation process to identify ways of making future consultations more effective and efficient. This process will consider any views expressed by stakeholders on particular aspects of the process and/or by external experts.

    8. Confidentiality

    TEQSA will consider all requests to keep information confidential. While TEQSA has certain statutory obligations of confidentiality under the TEQSA Act, it also operates within a public accountability framework. This includes obligations:

    • to provide information to Ministers, the Parliament or Parliamentary Committees
    • under the Freedom of Information Act 1982, the Auditor-General Act 1997 and the Ombudsman Act 1976
    • to provide reasons for TEQSA’s decisions or details about TEQSA’s activities, including in the context of court or tribunal proceedings. 

    At times TEQSA may be obliged to share confidential information. In these situations, TEQSA will endeavour to consult with affected stakeholders and afford them an opportunity to make a submission about whether the information should be released. However, in certain cases it may not be possible to consult the affected stakeholders.

    9. Privacy

    TEQSA is obliged to protect any personal information about individuals in accordance with the provisions of the Privacy Act 1988. TEQSA will provide information about the collection, use and disclosure of personal information where it is likely that personal information will be collected in consultations.

    Phases of consultation

    While each TEQSA consultation will be adapted to suit the circumstances of the particular proposal under consideration, it will generally include the main phases of consultation set out in below:

    1. TEQSA notifies the sector of its intention to consult via the TEQSA website/formal correspondence/advertisement
    2. TEQSA issues documentation, which may include a consultation paper
    3. TEQSA may hold briefings or meet with key stakeholders
    4. TEQSA receives feedback from stakeholders
    5. TEQSA publishes a summary of feedback and responses. This could include any actions/changes that may occur as a result of stakeholder feedback
    6. TEQSA issues final paper/policy via the TEQSA website/formal correspondence.
    Stakeholder
    Publication type
  • Lawful disruption of access to online services policy

    Body

    Purpose

    This document sets out TEQSA’s policy regarding requests by TEQSA for the lawful disruption of access to online locations under s313(3) of the Telecommunications Act 1997 (Telecommunications Act) that appear to show content that amounts to, or involves, contraventions of relevant serious offence or civil penalty provisions in the Tertiary Education Quality Standards Agency Act 2011 (Cth) (TEQSA Act).

    TEQSA’s role and responsibilities

    Please refer to TEQSA’s website for information about TEQSA’s role and responsibilities.

    In particular, TEQSA will apply this policy as part of its efforts to protect academic integrity. For more information about TEQSA’s efforts in this regard, please refer to the relevant page on TEQSA’s website.

    The power to disrupt online locations

    Section 313(3) of the Telecommunications Act requires that carriage service providers, in connection with their operation of telecommunications networks and facilities or the supply of carriage services, give officers and authorities of the Commonwealth, states and territories any help reasonably necessary to, amongst other things, enforce the criminal law and laws imposing pecuniary penalties.

    It enables government agencies to request internet service providers (ISPs), as carriage service providers, to provide such assistance as is reasonably necessary to disrupt the operation of online services by blocking access to online services and locations (including websites).

    In line with the Commonwealth’s relevant guidelines , the following serious offence or civil penalty provisions in the TEQSA Act may form the basis of a request by TEQSA under s313(3) of the Telecommunications Act:

    1. offence provisions that impose a maximum prison term of at least two years
    2. civil penalty of at least 120 Commonwealth penalty units. 

    Principles

    When considering whether to make a disruption request, TEQSA will determine whether a disruption is warranted and necessary by reference to the factors for consideration that are relevant (see below); and

    If TEQSA makes a decision to send a disruption, the agency will:

    1. obtain the necessary approval at TEQSA
    2. once the disruption request is made and implemented, monitor, evaluate and report on the outcome of the disruption.

    When making a disruption request, TEQSA will take steps to ensure that the request is as targeted as possible (by reference to the relevant offence or civil penalty provision in the TEQSA Act), effective and executed appropriately.

    Factors for TEQSA to consider

    Before making a disruption request, TEQSA will consider a range of factors to determine whether the request is warranted and necessary, including:

    1. whether TEQSA or any other agency is conducting an investigation into a possible breach of an offence or civil penalty provision in the TEQSA Act covered by this policy
    2. the availability of other enforcement tools, such as injunctions (and the legal costs and time involved in using those tools by reference to the benefit(s) TEQSA would secure by using them)
    3. the range of services on the site that may be the subject of a disruption request, including whether there is a risk that the disruption request would affect services made available on the site that do not involve contraventions of a relevant offence or civil penalty provision in the TEQSA Act
    4. the harm being done by the online location
    5. the likely effectiveness of the proposed disruption
    6. the view(s) of the relevant internet service provider(s) who TEQSA intends to send the request(s) to
    7. technical feasibility and costs involved in the proposed disruption
    8. potential consequences for, or damage to, the work of other Commonwealth or State government agencies or institutions in their pursuit of their respective objectives
    9. potential consequences or damage to a higher education provider
    10. the nature and seriousness of the offence or contravention
    11. whether there is a public interest in disrupting access.

    Consultation

    TEQSA will consult with the relevant ISPs, as carriage service providers, at an early stage about the proposed disruption, unless there is a material risk that doing so will compromise any relevant investigation. TEQSA will consult to obtain their views on the proposed disruption, the best means of complying with requests for assistance and the management of associated costs in respect of ISPs’ compliance with requests.

    Complaints or concerns about the disruption of access to an online location

    The owner of an affected online location can complain about the disruption by following the instructions on the Protect yourself from illegal commercial cheating services webpage (under the heading Complain or raise concerns about the blocking of a website). Concerns about the disruption that impact upon any person other than the owner of the affected online location can be raised in the same way.

    If TEQSA receives a complaint about a disruption, it will initially determine whether the disruption should remain in place and respond to the complaint accordingly, including by informing the complainant of the outcome of its determination (if the complainant provided contact details when lodging the complaint). Any concerns raised with TEQSA will be dealt with by reference to the concerns raised.

    TEQSA may use any information it receives from any person who contacts it about the disruption of access to an online location in taking enforcement action (including in the pursuit of civil penalty or criminal penalty proceedings pursuant to sections 114A and 114B of the Tertiary Education Quality and Standards Act 2011), either independently or in conjunction with other agencies.

    Review and monitoring following request

    TEQSA will monitor and evaluate each disruption request. If TEQSA becomes aware that a disruption is inappropriate (or no longer appropriate) or has unintended consequences, then TEQSA will consider taking appropriate remedial action.

    TEQSA will note contact from any person regarding any disruption.

    TEQSA may use any information it receives from any person who contacts it about the disruption of access to an online location in taking enforcement action (including in the pursuit of civil penalty or criminal penalty proceedings pursuant to sections 114A and 114B of the Tertiary Education Quality and Standards Act 2011), either independently or in conjunction with other agencies.

    Informing the public about requests

    TEQSA will take reasonable steps to notify the owner of an online location covered by a request under s313(3) of the Telecommunications Act, unless doing so could compromise an investigation either TEQSA or any other agency is conducting.

    The Commonwealth’s relevant guidelines state that agencies should publish each disruption request and include why the request has been made to promote transparency and public awareness about requests made under s313(3) of the Telecommunications Act. The guidelines, however, also state that agencies are not required to publish requests if the report may jeopardise ongoing or planned investigations, interfere with operational activities, or give rise to other law enforcement or national security concerns.

    Wherever practical and reasonable in the circumstances, TEQSA will inform the public each time it makes a disruption request by:

    1. publishing a notice on the disrupted website advising that access to a particular site has been stopped (a ‘stop page’). The stop page will advise that TEQSA has requested the disruption and the reason(s)
    2. notifying the public of the fact that the power has been used and why on TEQSA’s website.

    The stop page will include details of how adversely affected parties may complain to TEQSA if they feel aggrieved by the disruption.

    In accordance with the guidelines, TEQSA will report annually to the Australian Communications and Media Authority (ACMA) on the number of disruption requests the agency has made during the year: see p. 6 of the guidelines. 

    ACMA is responsible for reporting annually to Parliament on all requests made by government agencies during the year. Further, TEQSA will provide information about the number of requests for assistance we made each year in TEQSA’s annual report.

    Contact

    Any enquiries about TEQSA’s approach to the lawful disruption of access to online locations can be directed to: enquiries@teqsa.gov.au.

    1. See Guidelines for the use of section 313(3) of the Telecommunications Act 1997 by government agencies for the lawful disruption of access to online services (‘the guidelines’)
    Stakeholder
    Publication type
  • Complete APP privacy policy and privacy management plan

    Body

    About this privacy policy 

    TEQSA uses a layered approach to presenting its privacy policy. This policy provides you with complete information on how the agency handles personal information, separated into the following different categories of records: 

    • Part A: Personnel 
    • Part B: Financial management system 
    • Part C: Consultancy and contracted services records
    • Part D: Higher education provider case management 
    • Part E: Legal services 
    • Part F: Enquiries mailbox 
    • Part G: Complaints
    • Part H: Freedom of Information 
    • Part I: Provider Information Request (PIR) 
    • Part J: Data collected from TEQSA website
    • Part K: Sector engagement contact details
    • Part L: Academic cheating services

    Below is some general information on the agency’s privacy obligations, how to access and correct your personal information, disclosure of information and how to make complaints about the way the agency handles personal information. 
    TEQSA also has a Condensed Australian Privacy Principles (APPs) Privacy Policy which summarises the agency’s approach to handling personal information.

    The agency’s Privacy Management Plan can be found at the end of this policy. 

    Obligations 

    All personal information collected by TEQSA is protected by the Privacy Act 1988. Information on the Commonwealth Privacy Act 1988 can be found on the website of the Office of the Australian Information Commissioner. The agency is committed to protecting personal information. This Privacy Policy embodies this commitment and applies to personal information collected by TEQSA and its contractors and agents. The agency adheres to the requirements of the APPs contained within the Privacy Act 1988, the Privacy (Australian Government Agencies — Governance) APP Code 2017 and the Guidelines for Federal and ACT Government World Wide Websites, issued by the Privacy Commissioner. 

    This document also includes the agency’s Privacy Management Plan required under the Privacy (Australian Government Agencies — Governance) APP Code 2017.

    Access and correction 

    The agency will allow individuals to have access to their personal information that we hold and we will correct an individual’s personal information if it is inaccurate (subject to restrictions on such access/alteration of records under the applicable provisions of any law of the Commonwealth). The Freedom of Information Act 1982 also provides an opportunity to request access to documents in the possession of TEQSA. An individual who wishes to access the personal information the agency holds about them and to seek correction of that information can email their request to foi@teqsa.gov.au

    Access to and correction of information

    If you make a request to access your personal information under the FOI Act, TEQSA will process it in line with the FOI Act. Part H below sets out what TEQSA does with Freedom of Information request documents.

    If you make a request to correct personal information, TEQSA will:

    • Acknowledge your request within 5 days,
    • Inform you of the outcome of your request within 30 days, having considered it in line with APP 13.

    Anonymity and pseudonymity

    For the purposes of APP 2.2(b), in most circumstances, it is impracticable for TEQSA to deal with individuals who have not identified themselves or who have used a pseudonym.

    TEQSA may consider dealing with individuals who have not identified themselves or used a pseudonym in getting information in relation to the exercise of its regulatory powers, on a case-by-case basis.

    Individuals who wish to deal with TEQSA anonymously or to by using a pseudonym should tell TEQSA accordingly so that TEQSA can consider how it can deal with them.

    In this regard, TEQSA’s online concern’s form (Raising a complaint or concern - online form | Tertiary Education Quality and Standards Agency (teqsa.gov.au)) allows you to remain anonymous in submitting your concern.

    Disclosure 

    From time to time, TEQSA may disclose records it holds that contain personal information to overseas higher education regulatory bodies. This may include with higher education regulatory bodies in the United Kingdom, Ireland and New Zealand. 

    We only collect, hold, use and disclose personal information for a lawful purpose that is reasonably necessary or directly related to one or more of our functions or activities or where otherwise required or authorised by law.

    We will only use your personal information for secondary purposes where we are able to do so in accordance with the Privacy Act (for example, with your authorisation). 

    Complaints 

    To make a complaint about the agency’s handling of personal information or compliance with the APPs please write to the address below: 

    • Privacy Contact Officer 
      Tertiary Education Quality and Standards Agency 
      GPO Box 1672 
      Melbourne VIC 3001 
    • Email: foi@teqsa.gov.au 

    If we receive a complaint about the agency’s handling of personal information or compliance with the APPs we will determine what (if any) action we should take to resolve the complaint. If we decide that a complaint should be investigated further, the complaint will usually be handled by a more senior officer than the officer whose actions you are complaining about. 

    We will tell you promptly that we have received your complaint and will take all reasonable steps to respond to the complaint within 30 days. 

    If you are not satisfied with the agency’s response you can complain to the Commonwealth Ombudsman. You may also make a complaint to the Office of the Australian Information Commissioner.

    PART A: Personnel records 

    Collection 

    The personal information contained in TEQSA’s personnel records is generally collected from the individual but may be obtained from former employers of individuals on engagement and from Document Verification Services (DVS), with the consent of the individual.

    Content 

    The content of personnel records may include: name, address, date of birth, occupation, AGS number, gender, qualifications, equal employment opportunity group designation, next of kin, details of pay and allowances, leave details, work reports, security clearance details, employment history and information relating to the health and safety of staff and the community. Personnel records include records about current and former employees and officeholders as well as records about applicants for positions at TEQSA and other individuals connected with employees and applicants who provide their personal information to TEQSA. ​​​

    Under the Privacy Act 1988, sensitive information means: 

    (a) Information or an opinion about an individual’s:

    i. racial or ethnic origin; or
    ii. political opinions; or
    iii. membership of a political association; or
    iv. religious beliefs or affiliations; or
    v. philosophical beliefs; or 
    vi. membership of a professional or trade association; or
    vii. membership of a trade union; or
    viii. sexual orientation or practices; or
    ix. criminal records;
    that is also personal information; or

    (b) health information about an individual; or 
    (c) genetic information about an individual that is not otherwise health information; or 
    (d) biometric information that is to be used for the purpose of automated biometric verification or biometric identification; or 
    (e) biometric templates. 

    Personnel records held by TEQSA may include personal and sensitive information such as: physical and mental health, COVID-19 vaccination status, disabilities, racial or ethnic origin and criminal convictions. The records may also include personal and sensitive information on third parties where TEQSA staff and officeholders have disclosed a personal or business relationship relevant to and in accordance with TEQSA’s conflict of interest policy and procedure and the Public Governance, Performance and Accountability Act 2013. 

    Use 

    Personnel records are used by TEQSA for the management of human resources and to manage the health and safety of staff and the community as required by law. The following agency staff have access to personnel records: executive and senior staff with personnel management responsibility, supervisors and members of selection committees (as appropriate), the individual to whom the record relates and, as is relevant to completing their duties, People & Capability staff. 

    Security and disposal 

    Personnel records are kept according to the applicable provisions of the records authorities in relation to personnel functions issued by Australian Archives. Access to these records is restricted. They are kept in locked cabinets and on a restricted drive on TEQSA’s IT network, which is only accessible by authorised staff. 

    Disclosure 

    Information held in personnel records may be disclosed, as appropriate or where required by law to: 

    Comcare in relation to claims and workplace health issues; Commonwealth Medical Officers for the purposes of conducting fitness for duty assessments or for the purpose of managing and reducing the spread of infectious disease; State authorities for the purpose of managing and reducing the spread of infection disease; Attorney-General's Department or Australian Public Service Commission for the purposes of obtaining policy advice; ComSuper and other superannuation administrators or the Productivity Commission for the purposes of calculating and paying employee entitlements; and the Australian Taxation Office, Centrelink, and the Child Support Agency in relation to payments required to be made. Information held on personnel records is moved to other APS agencies on movement or reengagement of an employee to that agency.

    PART B: Financial management system records 

    Collection 

    The personal information contained in TEQSA’s financial management system records is generally collected from the individual or the employer of an individual. 

    Content 

    Contents may include: name, address, contact information and transaction history with TEQSA over previous and current financial years. Details of vendors and employee bank accounts are also kept in the financial system. 

    Use 

    Information is collected to maintain complete information relating to all financial transactions of the agency. The purpose of these records is to maintain payment details to allow for payment of invoices and claims from staff members and service providers. 

    Within TEQSA this information is only available to relevant staff members of Finance Section and authorised users of interfacing systems responsible for payments by direct credit (i.e. staff salary payments via Aurion). 

    Security and disposal 

    The information in the Financial Management Information System (FMIS) is stored indefinitely. Paper records are destroyed seven years after last action. Access to these records is restricted. They are kept in locked cabinets and on a restricted drive on TEQSA’s IT network, which is only accessible by authorised staff. 

    Disclosure 

    Information may be disclosed to the Reserve Bank of Australia and the Productivity Commission for the purpose of processing agency payments. The Finance team at the FairWork Ombudsman (FWO) also have access to the FMIS as TEQSA has outsourced certain financial reporting functions to the FWO.

    PART C: Consultancy and contracted services records 

    Collection 

    The personal information contained in TEQSA’s consultancy and contracted service records is generally collected from the individual or the employer of an individual.

    Content 

    The consultancy and contracted services (including external expert) records may include name, address, phone number, email address, qualifications, honorifics, languages spoken employment history, details of referees, details of rate, work reports, security clearance details and information on their employment and any employees and subcontractors. Sensitive contents of a consultant’s or contractor’s information may include security assessment details, professional memberships, and racial or ethnic origin. The personal information in these records relates to the employees or subcontractors of the consultancy firm or external experts responding to a request for goods/services. The consultancy services records include information collected in the course of engaging external subject matter experts and in the process of procuring goods and/or services. 

    Use 

    The purpose of these records is to assist with the evaluation and engagement of consultancy services, external experts, or the procurement of goods and/or services. 

    Information collected is used in relation to TEQSA’s functions and activities, including:

    1. internal reporting
    2. external reporting (for example, to the Minister or Department of Education and Training)
    3. monitoring compliance with the Commonwealth Procurement Rules through the Commonwealth’s compliance reporting process.

    TEQSA staff in the business area from which the original request for consultancy services or external experts originated have access to these records as well as the Finance Team and senior managers on a need to know basis.

    Security and disposal 

    Consultancy service records are kept according to the applicable provisions of the General Records Authority and establishment records issued by Australian Archives. Access to these records is restricted. They are kept in locked cabinets and on a restricted drive on TEQSA’s IT network, which is only accessible by authorised staff. 

    Disclosure 

    The name of a consultant and the content of their report may be disclosed to higher education providers, government agencies or other bodies for the purposes of performing TEQSA’s regulatory functions. TEQSA discloses some details of the consultancy record to the FWO for financial reporting. TEQSA discloses personal information when:

    a) TEQSA is authorised by or under an Australian law or a court/tribunal order; 
    b) a permitted general situation arises; or
    c) TEQSA reasonably believes that the use or disclosure of the information is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.

    Certain personal information collected by TEQSA from external experts is published on TEQSA’s website with the consent of those experts.

    PART D: Higher education provider case management records 

    Collection 

    The personal information contained in TEQSA’s provider case management records is generally collected from the individual or a higher education provider with which the individual was/is associated (for example as a current or former student or employee). 

    TEQSA also collects student records from providers who cease to operate. The personal information contained in these records may include, for example, personal details to facilitate verification of records and student identity, academic records and testamurs. 

    Content 

    The content includes: name, title, address, phone, email, date of birth, position title, position responsibilities, term of appointment, professional and educational history. Sensitive information may include acts of professional or academic misconduct, financial history, qualifications, gender and criminal convictions. 

    Use 

    The purpose of these records is to record details relating to higher education provider registration and course accreditation applications and assessments, notifications and general communications relating to providers, to enable TEQSA to carry out its regulatory functions. 

    Security and disposal 

    Provider case management records are kept according to TEQSA’s Records Authority. Access to these records is restricted. They are kept on premises only accessible via a security pass and on a restricted drive on TEQSA’s IT network, which is only accessible by authorised staff. 

    Disclosure 

    Personal information in these records may be disclosed to Commonwealth, state or territory bodies responsible for regulating the provision of education, to consultants engaged by TEQSA and to bodies responsible for regulating occupations associated with courses regulated by TEQSA. Records may also be disclosed to regulated higher education providers, including in circumstances where a provider has ceased to operate and a student consents to TEQSA disclosing their student record to a different provider. These disclosures would be made for the purposes of assisting TEQSA to assess applications made to TEQSA, to verify providers’ policies and procedures relating to their compliance with the Higher Education Threshold Standards, and to otherwise assist TEQSA to perform its regulatory responsibilities.

    PART E: Legal services records 

    Collection 

    The Legal Group does not usually collect personal information but relies on existing records held by TEQSA. 

    Content 

    The personal information in the legal services records includes but is not limited to: name, address, date of birth, gender, marital status, and occupation. Sensitive content may include financial information, employee records, criminal convictions, physical or mental health details, relationship details and racial or ethnic origin. 

    Use 

    These records are used to enable the Legal Group to perform its functions in relation to the delivery of legal services to TEQSA. Officers of TEQSA’s Legal Group involved in the provision of legal services and, on a need-to-know basis, senior managers have access to these records. 

    Security and disposal 

    The records are kept in accordance with the Administrative Functions Disposal Authority issued by the National Archives of Australia. The records are kept for specified periods that relate to the contents and have a wide range, e.g. records of breaches of mandatory standards are destroyed seven years after action completed, records of claims are destroyed seven years after settlement or withdrawal. 

    Access to these records is restricted. They are kept in locked cabinets and on a restricted drive on TEQSA’s IT network, which is only accessible by authorised staff. 

    Disclosure 

    This information may be disclosed to Commonwealth departments and agencies for the purposes of seeking legal advice or consulting on such requests, external legal advisers, and Courts and Tribunals.

    PART F: Enquiries mailbox 

    Collection 

    The personal information contained in these records is usually voluntarily sent by the individual to whom the information relates.

    Content 

    The personal information contained in these records may include: name, address, occupation and phone number. 

    TEQSA staff who manage the mailbox have access to this information. In addition, personal information contained in the enquiries are sometimes forwarded to Provider Case Managers or other staff in order to respond to the enquiries. Some of the enquiries are treated as complaints. See the complaints section of this Privacy Policy for information on who has access to personal information contained in complaints.

    Use 

    These records contain details of email enquiries received by the TEQSA enquiries mailbox. TEQSA uses the personal information in these records to respond to the enquiry. These emails are kept by TEQSA as a record of TEQSA having responded to the query. 

    Security and disposal 

    The records will be kept for five years. Access to these records is restricted. They are kept on a restricted drive on TEQSA’s IT network, which is only accessible by authorised staff.

    Disclosure 

    TEQSA discloses personal information when:

    a) Authorised by or under an Australian law or a court/tribunal order; 
    b) a permitted general situation arises or
    c) reasonably believed that the use or disclosure of the information is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.

    PART G: Complaints 

    Collection 

    The personal information contained in these records is usually voluntarily sent by the individual to whom the information relates.

    Content 

    The records may contain personal information of a complainant’s name, educational history, email address, postal/residential address, citizenship /visa status, address, occupation and phone number. 

    Use 

    These records contain details of complaints received by TEQSA about higher education providers or about TEQSA’s conduct. The complaints are kept for consideration when TEQSA performs its regulatory functions in determining if a provider is meeting its obligations under the Tertiary Education Quality and Standards Agency Act 2011 or in assessing any complaint about TEQSA’s conduct.

    TEQSA staff who manage the complaints mailbox and provider case managers have access to this information to the extent that it contains details of complaints about higher education providers.

    TEQSA will use information about complaints it receives about TEQSA’s conduct in line with its Complaints about TEQSA policy

    Security and disposal 

    Complaints records are kept according to TEQSA’s Records Authority. 

    Access to these records is restricted. They are kept on a restricted drive on TEQSA’s IT network, which is only accessible by authorised staff. 

    Disclosure 

    TEQSA discloses personal information received as part of complaints about higher education providers when:

    1. authorised by or under an Australian law or a court/tribunal order;
    2. a permitted general situation arises, or
    3. it reasonably believes that the use or disclosure of the information is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.

    TEQSA discloses personal information received as part of complaints about TEQSA when:

    1. authorised by or under an Australian law or a court/tribunal order;
    2. a permitted general situation arises, or
    3. it reasonably believes that the use or disclosure of the information is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.

    In line with TEQSA's Complaints about TEQSA policy, to the extent that TEQSA otherwise proposes to disclose a complainant’s personal details, the complainant’s consent will be sought.

    PART H: Freedom of Information records 

    Collection 

    The personal information contained in these records is usually voluntarily sent by the individual to whom the information relates.

    Content 

    The records may include a freedom of information applicant’s name, address, phone number, date of birth, gender and occupation. 

    Use 

    The purpose of these records is to process and maintain a record of requests for access to documents under the Freedom of Information Act 1982. The following TEQSA staff have access to these records: the freedom of information coordinator and freedom of information officer, the Legal Group and senior managers on a need-to-know basis. 

    Security and disposal 

    The records are kept for seven years. 

    Access to these records is restricted. They are kept in locked cabinets and on a restricted drive on TEQSA’s IT network, which is only accessible by authorised staff. 

    Disclosure 

    Some of this information may be disclosed to Commonwealth agencies or departments concerned with the particular application, or to other entities required to be consulted under the Freedom of Information Act 1982.

    PART I: Provider Information Request (PIR) data 

    Collection 

    PIR data is collected from higher education providers and from the Commonwealth Department of Education. 

    Content 

    The personal information contained in the PIR data includes student and staff numerical identifiers, courses studied by students and students’ outcomes, as well as students’ educational history, citizenship /visa status, fee-paying status, and in some cases the salaries and work contract description of staff. 

    Use

    This data enables TEQSA to regulate the higher education sector in line with its regulatory principles (relating to regulatory necessity, risk and proportionality). Through access to a core data set across all providers, TEQSA is able to employ a risk-based approach to regulation and thus can reduce regulatory burden on the sector and focus regulatory effort on potential risks to students. The data is used to calculate risk indicators which inform TEQSA’s assessments of providers and allow relevant application processes to be tailored. TEQSA also uses the data to prepare high level analysis across the higher education sector, though this information is only published or disclosed in a de-identified form. 

    Security and disposal 

    PIR data records are kept according to TEQSA’s Records Authority which set out requirements for keeping, destroying or transferring records. Records are held in an isolated electronic data vault, with access limited to a small number of specially authorised personnel from the Information Management staff at TEQSA, who are responsible for managing these records. 

    Disclosure 

    TEQSA may disclose this information to information technology contractors for the purposes of maintaining information technology systems (including databases) associated with this information. 

    PART J: Data collected from TEQSA website 

    When you use TEQSA’s online services, our servers automatically record information that your browser sends whenever you visit a website. These server logs may include information such as your server address, your top level domain name, the date and time of the visit to the site, the pages accessed and documents viewed, the previous sites visited, and the browser type, browser language, and one or more cookies that may uniquely identify your browser.  The information does not contain anything that identifies, or may be used to identify, individuals.

    PART K: Sector engagement details

    Collection 

    Sector engagement contact details and personal information is collected from the relevant individual or their employer. 

    Content 

    The personal information contained in the sector engagement contact details may include individuals’ names, email addresses, job titles, employers, phone numbers, employers’ address, state/territory/location of residence, and images of sector events (including images of attendees and speakers).

    Use

    This data enables TEQSA to keep members of the higher education sector up to date with news and events about the agency. It also allows the agency to maintain contact with peak bodies and organisations relevant to TEQSA’s functions. Personal information (such as name, job title and employer) and images may also be used to promote TEQSA’s activities and functions.  

    Security and disposal 

    Sector engagement contact records are kept according to TEQSA’s Records Authority. Access to these records is restricted. MOU and Peak body contact details are kept on premises only accessible via a security pass and on a restricted drive on TEQSA’s IT network, which is only accessible by authorised staff. Contact details for Subscribers to TEQSA’s newsletters are kept on MailChimp and only accessible to a small number of authorised staff in the Engagement Group. 

    Disclosure 

    TEQSA may disclose this information to Information Technology companies (such as MailChimp) for the purposes of maintaining databases associated with this information. TEQSA may also publish information (such as name, job title, employer and image) to promote TEQSA’s functions and activities. For example, images and descriptions of speakers and attendees at the TEQSA conference or other events may be published on TEQSA’s website or in other promotional materials.

    PART L: Academic cheating services

    Collection 

    Personal  information contained in records is provided to TEQSA by individuals when submitting complaints or concerns about academic cheating services. Information may also be collected from higher education providers that become aware of academic cheating services being advertised or offered.   

    Content 

    The records may contain personal information including student or complainant’s name, education history, telephone number, email address and social media user details (such as username, image and other publicly available information). Records may also contain personal information of individuals allegedly providing or advertising academic cheating services including name, telephone number and email address.

    Use

    The records contain details of alleged academic cheating service providers or advertisers received by TEQSA. The information is kept for consideration in investigating reports of academic cheating services and in determining any breaches of the Tertiary Education Quality and Standards Agency Act 2011 (TEQSA Act) and any action that may be taken.

    Security and disposal 

    Records relating to academic cheating are kept according to TEQSA’s Records Authority. 

    Access to these records is restricted. They are kept on a restricted drive on TEQSA’s IT network, which is only accessible by authorised staff. 

    Disclosure 

    TEQSA discloses personal information when:

    a) Authorised by or under an Australian law or a court/tribunal order; 
    b) a permitted general situation arises; or
    c) reasonably believed that the use or disclosure of the information is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.

    Privacy management plan

    Compliance

    The agency will ensure compliance with its privacy obligations by:

    • maintaining an up to date privacy policy
    • embedding privacy requirements in relevant policies and procedures, which are regularly reviewed 
    • keeping senior management informed about relevant privacy issues
    • undertaking privacy impact assessments when necessary
    • maintaining an up to date Data Breach Management Plan
    • responding promptly to complaints and inquiries about how the agency handles personal information
    • using established processes to allow individuals to access and correct their personal information
    • training staff on privacy obligations 
    • directing staff to seek advice on privacy obligations when required. 

    As required under the Privacy (Australian Government Agencies — Governance) APP Code 2017 agency staff will receive annual privacy training as well as training on induction. 

    Complaints and inquiries

    The agency’s privacy officer will review and respond to any complaints or inquiries about the way the agency handles personal information. More information can be found in the complaints section earlier in this document.

    Privacy goals and target

    The agency’s privacy goals are to handle personal information in a responsible manner, consistent with its obligations under the Privacy Act 1988 and to ensure staff are aware of the agency’s privacy obligations.

    The agency’s privacy target is to achieve 100 per cent compliance with its privacy obligations, and the requirements or requests that arise in respect of its privacy obligations.

    Measuring performance

    The agency will measure and record its performance against its privacy target and goals annually. Any instances in which the agency falls short of its goals and target will be assessed and action taken in order to improve privacy processes.

    Reporting

    The agency’s privacy officer will report to senior management at least annually about relevant privacy issues, including performance against privacy targets, through a scheduled review of this privacy management plan.

    The privacy officer will report to senior management as soon as practicable any substantiated complaint about the agency’s handling of an individual’s personal information, a data breach or any other privacy event which substantially affects TEQSA’s capacity to meet its obligations under the Privacy Act 1988, the Privacy (Australian Government Agencies — Governance) APP Code 2017 or this policy and plan.

    Regular reviews

    The agency will regularly review and update its privacy practices, procedures and systems, to ensure their currency and adequacy for the purposes of compliance with the APPs. The scope of the review will include:

    • the agency’s privacy policy
    • any privacy notice prepared for the purposes of APP 5.
    Stakeholder
    Publication type
  • Financial inducements encouraging students to upload course content to file sharing websites

    Body

    TEQSA is aware of email and social media promotions offering students the chance to win up to $10,000 if they upload course materials or assignments to academic file sharing websites. 

    TEQSA’s Higher Education Integrity Unit is concerned by the integrity risk posed by sharing course content and assessment material on these platforms.

    TEQSA is also concerned that these websites may facilitate the operation of commercial academic cheating services.

    Higher education institutions should consider whether the use of online study platforms constitute a breach of institutional policies and communicate any decision to their students including the disciplinary procedures in place to address this.

    Institutions can take practical actions including:

    • ensuring that institutional policies are regularly reviewed and upheld
    • communicating relevant policies regarding academic integrity to all students during induction and regularly throughout their studies
    • informing students about the risks posed via study platforms that may promote or sell commercial cheating services. TEQSA has published advice for students that may form part of your communication to students
    • reminding students and staff about the importance of academic integrity and the risk posed by illegal cheating services
    • monitoring file-sharing sites and taking action, where possible, to remove institutional content from these sites.

    Further resources

    Providers with any queries about this matter can email integrityunit@teqsa.gov.au

    Subtitle
    Sector alert
    Stakeholder
    Publication type
  • TEQSA enterprise agreement

    Body

    The TEQSA Enterprise Agreement 2024-2027 (the Agreement) is made under section 172 of the Fair Work Act 2009 (the Act), between TEQSA's Acting Chief Executive Officer and all non-SES employees employed under the Public Service Act 1999.

    On 5 March 2024, the Fair Work Commission approved the Agreement, which will operate from 12 March 2024. The nominal expiry date of the Agreement is 28 February 2027.

    The Agreement outlines the terms and conditions of employment with TEQSA, including the salary rates.

    Subtitle
    2024-2027
    Stakeholder
    Publication type

    Documents

    tom.hewitt-mcmanus
  • Procedures for determining breaches of the Code of Conduct and for determining sanction

    Body

    I, Alistair Maclean, as Chief Executive Officer of the Tertiary Education Quality and Standards Agency (the ‘Agency’), establish these procedures under subsection 15(3) of the Public Service Act 1999 (‘the Act’).

    These procedures commence on the date signed. 

    These procedures supersede the previous procedures dated 30 August 2019 made for the Agency under subsection 15(3) of the Act.
     
    Alistair Maclean
    Chief Executive Officer
    26 April 2022

    1. Application of procedures

    1.1  These procedures apply in determining:

    • whether an APS employee in the Agency has breached the APS Code of Conduct (‘the Code’) in section 13 of the Act
    • what sanction, if any, should be imposed on an APS employee in the Agency for a breach of the Code.

    1.2  Unless the contrary intention appears, a reference to an APS employee includes a reference to a former APS employee who is suspected of having breached the Code while an employee in TEQSA.

    1.3  In these procedures, a reference to a breach of the Code by an APS employee includes a reference to a person engaging in conduct set out in subsection 15(2A) of the Act in connection with their engagement as an APS employee.

    Note: Not all suspected breaches of the Code need to be dealt with by way of a process which results in a determination. In particular circumstances, another way of dealing with a suspected breach of the Code may be more appropriate.

    2. Breach decision-maker and sanction delegate  

    2.1  As soon as practicable after a suspected breach of the Code has been identified and the Chief Executive Officer, or person authorised by the Chief Executive Officer (the Director, Corporate for the purposes of these Procedures) has decided to deal with the suspected breach under these procedures, the Chief Executive Officer or authorised person will appoint a decision-maker to make a determination under these procedures. 

    2.2  The role of the breach decision-maker is to determine whether a breach of the Code has occurred.

    2.3  The breach decision-maker may undertake the investigation or seek the assistance of an investigator. The investigator may investigate the alleged breach, gather evidence and make a report of recommended findings of fact to the breach decision-maker.

    2.4  The person who is to decide what, if any, sanction is to be imposed on an APS employee who is found to have breached the Code will be a person holding a delegation of the powers under the Act to impose sanctions.

    2.5  These procedures do not prevent the breach decision-maker from being the sanction delegate in the same matter.

    3. Person or persons making breach determination and imposing any sanction to be independent and unbiased

    3.1  The Chief Executive Officer must take reasonable steps to ensure that the breach decision-maker and the sanction delegate are, and appear to be, independent and unbiased.

    3.2  The breach decision-maker and the sanction delegate must advise the Chief Executive Officer in writing if they consider that they may not be independent and unbiased or if they consider that they may reasonably be perceived not to be independent and unbiased; for example, if they are a witness in the matter.

    4. The determination process 

    4.1  The process for determining whether an APS employee has breached the Code must be carried out with as little formality, and with as much expedition, as a proper consideration of the matter allows.

    4.2  The process must be consistent with the principles of procedural fairness.

    Note: Procedural fairness generally requires that:

    • The APS employee suspected of breaching the Code is informed of the case against them (i.e. any material that is before the decision-maker that is adverse to the APS employee or their interests and that is credible, relevant and significant)
    • The APS employee is given a reasonable opportunity to respond and put their case, in accordance with these procedures, before any decision is made on breach or sanction
    • The decision maker acts without bias or appearance of bias.

    4.3  A determination may not be made in relation to a suspected breach of the Code by an APS employee unless reasonable steps have been taken to:

    a)  inform the APS employee of:

    • the specific details of the suspected breach of the Code, including any subsequent variation of those details
    • where the person is a current APS employee, the sanctions that may be imposed on them under subsection 15(1) of the Act; and

    b)  give the APS employee a reasonable opportunity to make a statement in relation to the suspected breach.

    4.4  The statement may be written or oral statement and should be provided within 7 calendar days or any longer period that is allowed by the decision-maker.

    4.5  An APS employee who does not make a statement in relation to the suspected breach is not, for that reason alone, to be taken to have admitted to committing the suspected breach.

    4.6  For the purpose of determining whether an APS employee has breached the Code, a formal hearing is not required.

    Note: this clause is designed to ensure that by the time the breach decision-maker comes to make a determination, reasonable steps have been taken for the APS employee suspected of breach to be informed of the case against them. It will generally also be good practice to give the APS employee notice at an early stage in the process of a summary of the details of the suspected breach that are available at that time and notice of the elements of the Code that are suspected to have been breached.

    5. Sanctions  

    5.1  The process for imposing a sanction must be consistent with the principles of procedural fairness.

    5.2  If a determination is made that a current APS employee has breached the Code, a sanction may not be imposed unless reasonable steps have been taken to:

    a)  inform the APS employee of:

    • the determination
    • the sanction or sanctions that are under consideration
    • the factors that are under consideration in determining any sanction to be imposed; and

    b)  give the APS employee a reasonable opportunity to make a statement in relation to the sanction or sanctions under consideration.

    5.3  The statement may be a written or oral statement and should be provided within 7 calendar days or any longer period that is allowable by the sanction delegate.

    6. Record of determination and sanction

    6.1  If a determination is made in relation to a suspected breach of the Code by an APS employee, a written record must be made of:

    a)  the suspected breach
    b)  the determination
    c)  any sanctions imposed as a result of a determination that the APS employee has breached the Code
    d)  any statement of reasons given to the APS employee regarding a determination made under these procedures. 

    Stakeholder
    Publication type