Privacy Policy
In handling your personal information, we will comply with the Privacy Act 1988 (Cth) (Privacy Act) and with the thirteen Australian Privacy Principles in the Privacy Act.
We have policies and procedures in place to ensure that:
personal information is managed in an open and transparent way
the privacy of personal information of participants and staff are protected
we collect and handle personal information fairly
personal information we collect is used and disclosed for legally permitted purposes only
we regulate access to and correction of personal information
we maintain the confidentiality of personal information through appropriate storage and security.
The kinds of information we collect
Consumer personal information is collected to provide care and services. Personal information we collect could include your:
name, address, telephone number and email address
date of birth
gender
advocate or emergency contact’s telephone number and email
health information
diversity status (ethnicity, lifestyle preferences).
How we collect personal information
Participant personal information may be collected from:
you, the participant
your family members or significant others
your advocate
your doctor or other service providers or facilities.
We will collect personal information directly from you unless:
we have your consent to collect the information from someone else
we are required or authorised by law to collect the information from someone else
it is unreasonable or impractical to do so.
You can withdraw your consent at any time by contacting us; although you should be advised that this may impact on our capacity to provide services.
Purpose of collecting personal information
Personal information is collected for the purposes of providing care and services. The information may be used to:
provide support services
enable service providers and medical practitioners to provide care and services
Disclosure of personal information
We may disclose your personal and health information, for the purpose of your care and services, to:
service providers who assist us in providing care and services, medical practitioners, external health agencies such as the ambulance service, hospitals, the National Disability Insurance Scheme, and other relevant government organisations
a person you have nominated as being your advocate, e.g. parent, child or sibling, spouse, a relative, a member of your household, a guardian, an enduring power of attorney, or a person you have nominated to be contacted in case of emergency, provided they are at least 18 years of age.
We may not use or disclose personal information for a purpose other than providing care and services, unless:
you have consented
the purpose is related to providing care and services, and you would reasonably expect disclosure of the information for that purpose
we believe on reasonable grounds that the disclosure is necessary to prevent or lessen a serious and imminent threat to your life, health or safety or a serious threat to public health or public safety
we have reason to suspect unlawful activity and disclosure is required or authorised by law.
We will not disclose your personal information to an overseas recipient.
Security of personal information
We take all reasonable steps to ensure that the personal information we hold is protected against misuse, loss, unauthorised access, modification or disclosure. We hold personal information in both hard copy and electronic forms in secure databases on secure premises and on secure, cloud-based technology, accessible only by our authorised staff.
Accessing the personal information that we hold about you
Under the Privacy Act, you have a right to access your personal information that is collected and held by us. If at any time you would like to access or change the personal information that we hold about you, or you would like more information on our approach to privacy, please contact us.
To obtain access to your personal information, you will have to provide us with proof of identity. We will take all reasonable steps to provide access to your personal information within seven (7) days from your request.
Employee information
Records of current and past employees which are related to the employment relationship are managed in accordance with workplace laws. Privacy laws may apply to employee personal information if the information is used for something that is not related to the employment relationship between our organisation and the employee.
Volunteer records
Personal information collected and held by us in relation to our volunteers will be managed in accordance with the Privacy Act.
Privacy data breaches
In the event that your personal information is lost, stolen or subject to unauthorised access or disclosure, we will implement our Management of Data Breach Policy and Procedure.
Privacy complaints
All complaints regarding privacy can be lodged via our complaint handling process.
At all times, privacy complaints will:
be treated seriously
be dealt with as promptly as possible
be dealt with in a confidential manner
not affect your existing obligations or affect the commercial arrangements between you and us.
You will be informed of the outcome of your complaint following completion of the investigation.