Compliance Overview / University of New England

Compliance Overview

Compliance Framework
Compliance Driver	Student Identifiers Act 2014 (Cth)
Classification	Level 2 University-wide requirement. Lower impacts.
Associated Legislation	Higher Education Support Act 2003 (Cth) Tertiary Education Quality and Standards Agency Act 2011 (Cth)
Associated Standards	None
Associated Codes	None
Associated Information	None

Return to Top Administrative Information
Administrative Body	Australian Government - Department of Education
Administrative Name
Administrative Address
Administrative Phone	1300 363 079
Administrative Email
Administrative Website	https://www.education.gov.au/unique-student-identifier-usi/usi-requirements-1-january-2023

Return to Top General Introduction
VC Compliance Delegate	Simon Evans, Deputy Vice-Chancellor
Compliance Coordinator	Tanya Pelle, Director Student Services
Business Units Impacted	Future Students, Engagement and Technologies Office of the Deputy Vice-Chancellor Student Journey UNE International
Overview	The effect of section 53A of the Student Identifiers Act 2014 (SI Act) is that from 1 January 2023, all higher education students studying towards an Australian higher education qualification must have a Unique Student Identifier (USI) to be eligible to receive their award. This requirement is separate from the requirement for higher education students to have a USI to be eligible for Commonwealth support from 1 January 2021, and applies to all higher education students, including international students. Individual exemptions can be sought through the Student Identifiers Registrar but will prevent a student from accessing a CSP or HELP.
Compliance Obligations
Return to Top CAF or eCAF includes the student’s USI
Description	UNE must ensure the CAF (Commonwealth Assistance Form) or eCAF (Electronic Commonwealth Assistance Form) includes the student’s USI
Impacts	Breach Impact Financial: s.29B(2) Making an application under section 9 to the Registrar for a student identifier to be assigned to an individual without being authorised by the individual to make the application - 60 penalty units for corporations * 5 under Crimes Act 1914 s.4B(3) s.29C(1) Altering an authenticated VET transcript of an individual or an extract from an authenticated VET transcript prepared by the Registrar - 60 penalty units for corporations 5 under Crimes Act 1914 s.4B(3) s.29C(2) Making a document that is not an authenticated VET transcript of an individual but purports to be such a transcript, or making a document that is not an extract prepared by the Registrar from an authenticated VET transcript but purports to be such an extract- 60 penalty units for corporations 5 under Crimes Act 1914 s.4B(3) Breach Impact Non-Financial Civil penalty enforceable under Regulatory Powers Act; infringement notices may be issued. s.11(1) Failure to destroy personal information collected solely for the purpose of making a student identifier application as soon as practicable after the application is made or it is no longer needed for that purpose - Taken to be an interference with privacy under Privacy Act 1988; may be subject to investigation by Information Commissioner; possible enforceable undertakings, court orders, or compensation. s.16(2) Failure to take reasonable steps to protect records of student identifiers, schools identifiers, or school identity management information from misuse, interference, loss, and unauthorised access, modification or disclosure - Taken to be an interference with privacy under Privacy Act 1988; may be subject to investigation by Information Commissioner; possible enforceable undertakings, court orders, or compensation. s.17 Unauthorised collection, use or disclosure of protected information - Taken to be an interference with privacy under Privacy Act 1988; may be subject to investigation by Information Commissioner; possible enforceable undertakings, court orders, or compensation Executive Liability: Indirect. Criminal Penalty/Offence: No.
Responsible Manager	Jennifer McDonell, Executive Principal Student Journey
Coordinating Officer	Tanya Pelle, Director Student Services
Coordinating Unit	Student Journey
Oversight Committee/Group	None
Business Units Impacted	Future Students, Engagement and Technologies Office of the Deputy Vice-Chancellor Student Journey
Obligation Framework
Associated Legislation	Higher Education Support Act 2003 (Cth) Tertiary Education Quality and Standards Agency Act 2011 (Cth)
Associated Standard	None
Associated Code	None
Associated Information	None
Management Tools
Rule	None
Policy	None
Protocol	None
Procedure	None
Guideline	None
Other Websites

Return to Top Report USI to DoE
Description	UNE must ensure the Unique Student Identifier (USI) is reported to the Department of Education (DoE) as part of the DoE reporting cycle.
Impacts	Breach Impact Financial: s.29B(2) Making an application under section 9 to the Registrar for a student identifier to be assigned to an individual without being authorised by the individual to make the application - 60 penalty units for corporations * 5 under Crimes Act 1914 s.4B(3) s.29C(1) Altering an authenticated VET transcript of an individual or an extract from an authenticated VET transcript prepared by the Registrar - 60 penalty units for corporations 5 under Crimes Act 1914 s.4B(3) s.29C(2) Making a document that is not an authenticated VET transcript of an individual but purports to be such a transcript, or making a document that is not an extract prepared by the Registrar from an authenticated VET transcript but purports to be such an extract- 60 penalty units for corporations 5 under Crimes Act 1914 s.4B(3) Breach Impact Non-Financial Civil penalty enforceable under Regulatory Powers Act; infringement notices may be issued. s.11(1) Failure to destroy personal information collected solely for the purpose of making a student identifier application as soon as practicable after the application is made or it is no longer needed for that purpose - Taken to be an interference with privacy under Privacy Act 1988; may be subject to investigation by Information Commissioner; possible enforceable undertakings, court orders, or compensation. s.16(2) Failure to take reasonable steps to protect records of student identifiers, schools identifiers, or school identity management information from misuse, interference, loss, and unauthorised access, modification or disclosure - Taken to be an interference with privacy under Privacy Act 1988; may be subject to investigation by Information Commissioner; possible enforceable undertakings, court orders, or compensation. s.17 Unauthorised collection, use or disclosure of protected information - Taken to be an interference with privacy under Privacy Act 1988; may be subject to investigation by Information Commissioner; possible enforceable undertakings, court orders, or compensation Executive Liability: Indirect. Criminal Penalty/Offence: No.
Responsible Manager	Jennifer McDonell, Executive Principal Student Journey
Coordinating Officer	Tanya Pelle, Director Student Services
Coordinating Unit	Student Journey
Oversight Committee/Group	None
Business Units Impacted	Future Students, Engagement and Technologies Office of the Deputy Vice-Chancellor Student Journey
Obligation Framework
Associated Legislation	Higher Education Support Act 2003 (Cth) Tertiary Education Quality and Standards Agency Act 2011 (Cth)
Associated Standard	None
Associated Code	None
Associated Information	None
Management Tools
Rule	None
Policy	None
Protocol	None
Procedure	None
Guideline	None
Other Websites

Return to Top Request and Record USI from commencing Students
Description	UNE must request and record the Unique Student Identifier (USI) of commencing students on enrolment [unless the student is an international student who has not yet entered Australia]
Impacts	Breach Impact Financial: s.29B(2) Making an application under section 9 to the Registrar for a student identifier to be assigned to an individual without being authorised by the individual to make the application - 60 penalty units for corporations * 5 under Crimes Act 1914 s.4B(3) s.29C(1) Altering an authenticated VET transcript of an individual or an extract from an authenticated VET transcript prepared by the Registrar - 60 penalty units for corporations 5 under Crimes Act 1914 s.4B(3) s.29C(2) Making a document that is not an authenticated VET transcript of an individual but purports to be such a transcript, or making a document that is not an extract prepared by the Registrar from an authenticated VET transcript but purports to be such an extract- 60 penalty units for corporations 5 under Crimes Act 1914 s.4B(3) Breach Impact Non-Financial Civil penalty enforceable under Regulatory Powers Act; infringement notices may be issued. s.11(1) Failure to destroy personal information collected solely for the purpose of making a student identifier application as soon as practicable after the application is made or it is no longer needed for that purpose - Taken to be an interference with privacy under Privacy Act 1988; may be subject to investigation by Information Commissioner; possible enforceable undertakings, court orders, or compensation. s.16(2) Failure to take reasonable steps to protect records of student identifiers, schools identifiers, or school identity management information from misuse, interference, loss, and unauthorised access, modification or disclosure - Taken to be an interference with privacy under Privacy Act 1988; may be subject to investigation by Information Commissioner; possible enforceable undertakings, court orders, or compensation. s.17 Unauthorised collection, use or disclosure of protected information - Taken to be an interference with privacy under Privacy Act 1988; may be subject to investigation by Information Commissioner; possible enforceable undertakings, court orders, or compensation Executive Liability: Indirect. Criminal Penalty/Offence: No.
Responsible Manager	Jennifer McDonell, Executive Principal Student Journey
Coordinating Officer	Tanya Pelle, Director Student Services
Coordinating Unit	Student Journey
Oversight Committee/Group	None
Business Units Impacted	Future Students, Engagement and Technologies Office of the Deputy Vice-Chancellor Student Journey
Obligation Framework
Associated Legislation	Higher Education Support Act 2003 (Cth) Tertiary Education Quality and Standards Agency Act 2011 (Cth)
Associated Standard	None
Associated Code	None
Associated Information	None
Management Tools
Rule	None
Policy	None
Protocol	None
Procedure	None
Guideline	None
Other Websites

Return to Top USI Privacy Requirements
Description	To remain compliant with privacy requirements the University must obtain permission from students when creating, or finding a USI. A Privacy Notice must be issued to the student if the University is creating a USI on their behalf. Under section 11 of the Act, any personal information and identity documents obtained to create a USI must not be retained, unless the University is required by another law to keep the information. If storing a record of a USI the University must take reasonable steps to protect that record from misuse, interference, loss, unauthorised access, modification or disclosure.
Impacts	Breach Impact Financial: s.29B(2) Making an application under section 9 to the Registrar for a student identifier to be assigned to an individual without being authorised by the individual to make the application - 60 penalty units for corporations * 5 under Crimes Act 1914 s.4B(3) s.29C(1) Altering an authenticated VET transcript of an individual or an extract from an authenticated VET transcript prepared by the Registrar - 60 penalty units for corporations 5 under Crimes Act 1914 s.4B(3) s.29C(2) Making a document that is not an authenticated VET transcript of an individual but purports to be such a transcript, or making a document that is not an extract prepared by the Registrar from an authenticated VET transcript but purports to be such an extract- 60 penalty units for corporations 5 under Crimes Act 1914 s.4B(3) Breach Impact Non-Financial Civil penalty enforceable under Regulatory Powers Act; infringement notices may be issued. s.11(1) Failure to destroy personal information collected solely for the purpose of making a student identifier application as soon as practicable after the application is made or it is no longer needed for that purpose - Taken to be an interference with privacy under Privacy Act 1988; may be subject to investigation by Information Commissioner; possible enforceable undertakings, court orders, or compensation. s.16(2) Failure to take reasonable steps to protect records of student identifiers, schools identifiers, or school identity management information from misuse, interference, loss, and unauthorised access, modification or disclosure - Taken to be an interference with privacy under Privacy Act 1988; may be subject to investigation by Information Commissioner; possible enforceable undertakings, court orders, or compensation. s.17 Unauthorised collection, use or disclosure of protected information - Taken to be an interference with privacy under Privacy Act 1988; may be subject to investigation by Information Commissioner; possible enforceable undertakings, court orders, or compensation Executive Liability: Indirect. Criminal Penalty/Offence: No.
Responsible Manager	Jennifer McDonell, Executive Principal Student Journey
Coordinating Officer	Tanya Pelle, Director Student Services
Coordinating Unit	Student Journey
Oversight Committee/Group	None
Business Units Impacted	Future Students, Engagement and Technologies Office of the Deputy Vice-Chancellor Student Journey UNE International
Obligation Framework
Associated Legislation	Higher Education Support Act 2003 (Cth) Tertiary Education Quality and Standards Agency Act 2011 (Cth)
Associated Standard	None
Associated Code	None
Associated Information	None
Management Tools
Rule	Privacy Management Rule
Policy	None
Protocol	None
Procedure	None
Guideline	None
Other Websites

Return to Top USI from CSP Students
Description	UNE must ensure any student commencing in a Commonwealth Supported Place (CSP) has provided a USI prior to census date]
Impacts	Breach Impact Financial: s.29B(2) Making an application under section 9 to the Registrar for a student identifier to be assigned to an individual without being authorised by the individual to make the application - 60 penalty units for corporations * 5 under Crimes Act 1914 s.4B(3) s.29C(1) Altering an authenticated VET transcript of an individual or an extract from an authenticated VET transcript prepared by the Registrar - 60 penalty units for corporations 5 under Crimes Act 1914 s.4B(3) s.29C(2) Making a document that is not an authenticated VET transcript of an individual but purports to be such a transcript, or making a document that is not an extract prepared by the Registrar from an authenticated VET transcript but purports to be such an extract- 60 penalty units for corporations 5 under Crimes Act 1914 s.4B(3) Breach Impact Non-Financial Civil penalty enforceable under Regulatory Powers Act; infringement notices may be issued. s.11(1) Failure to destroy personal information collected solely for the purpose of making a student identifier application as soon as practicable after the application is made or it is no longer needed for that purpose - Taken to be an interference with privacy under Privacy Act 1988; may be subject to investigation by Information Commissioner; possible enforceable undertakings, court orders, or compensation. s.16(2) Failure to take reasonable steps to protect records of student identifiers, schools identifiers, or school identity management information from misuse, interference, loss, and unauthorised access, modification or disclosure - Taken to be an interference with privacy under Privacy Act 1988; may be subject to investigation by Information Commissioner; possible enforceable undertakings, court orders, or compensation. s.17 Unauthorised collection, use or disclosure of protected information - Taken to be an interference with privacy under Privacy Act 1988; may be subject to investigation by Information Commissioner; possible enforceable undertakings, court orders, or compensation Executive Liability: Indirect. Criminal Penalty/Offence: No.
Responsible Manager	Jennifer McDonell, Executive Principal Student Journey
Coordinating Officer	Tanya Pelle, Director Student Services
Coordinating Unit	Student Journey
Oversight Committee/Group	None
Business Units Impacted	Future Students, Engagement and Technologies Office of the Deputy Vice-Chancellor Student Journey
Obligation Framework
Associated Legislation	Higher Education Support Act 2003 (Cth) Tertiary Education Quality and Standards Agency Act 2011 (Cth)
Associated Standard	None
Associated Code	None
Associated Information	None
Management Tools
Rule	None
Policy	None
Protocol	None
Procedure	None
Guideline	None
Other Websites

Return to Top USI required for Award Conferral
Description	Under section 53A (1) As a registered higher education provider UNE must not confer a regulated higher education award on an individual unless the individual has been assigned Unique Student Identifier (USI).
Impacts	Breach Impact Financial: s.29B(2) Making an application under section 9 to the Registrar for a student identifier to be assigned to an individual without being authorised by the individual to make the application - 60 penalty units for corporations * 5 under Crimes Act 1914 s.4B(3) s.29C(1) Altering an authenticated VET transcript of an individual or an extract from an authenticated VET transcript prepared by the Registrar - 60 penalty units for corporations 5 under Crimes Act 1914 s.4B(3) s.29C(2) Making a document that is not an authenticated VET transcript of an individual but purports to be such a transcript, or making a document that is not an extract prepared by the Registrar from an authenticated VET transcript but purports to be such an extract- 60 penalty units for corporations 5 under Crimes Act 1914 s.4B(3) Breach Impact Non-Financial Civil penalty enforceable under Regulatory Powers Act; infringement notices may be issued. s.11(1) Failure to destroy personal information collected solely for the purpose of making a student identifier application as soon as practicable after the application is made or it is no longer needed for that purpose - Taken to be an interference with privacy under Privacy Act 1988; may be subject to investigation by Information Commissioner; possible enforceable undertakings, court orders, or compensation. s.16(2) Failure to take reasonable steps to protect records of student identifiers, schools identifiers, or school identity management information from misuse, interference, loss, and unauthorised access, modification or disclosure - Taken to be an interference with privacy under Privacy Act 1988; may be subject to investigation by Information Commissioner; possible enforceable undertakings, court orders, or compensation. s.17 Unauthorised collection, use or disclosure of protected information - Taken to be an interference with privacy under Privacy Act 1988; may be subject to investigation by Information Commissioner; possible enforceable undertakings, court orders, or compensation Executive Liability: Indirect. Criminal Penalty/Offence: No.
Responsible Manager	Jennifer McDonell, Executive Principal Student Journey
Coordinating Officer	Tanya Pelle, Director Student Services
Coordinating Unit	Student Journey
Oversight Committee/Group	None
Business Units Impacted	Future Students, Engagement and Technologies Office of the Deputy Vice-Chancellor Student Journey
Obligation Framework
Associated Legislation	Higher Education Support Act 2003 (Cth) Tertiary Education Quality and Standards Agency Act 2011 (Cth)
Associated Standard	None
Associated Code	None
Associated Information	None
Management Tools
Rule	None
Policy	None
Protocol	None
Procedure	None
Guideline	None
Other Websites

Compliance Obligations